Presentation is loading. Please wait.

Presentation is loading. Please wait.

Chapter 4 Application Security Knowledge and Test Prep

Published byMarian Dennis Modified over 9 years ago

Similar presentations

Presentation on theme: "Chapter 4 Application Security Knowledge and Test Prep"— Presentation transcript:

1 Chapter 4 Application Security Knowledge and Test Prep
Press F5 Grab a pen / pencil and paper Jot the answer down for each question. The answers will appear on the next slide Take this prep seriously to help with Chapter 4’s exam... Hint hint

2 Which protocol can be used to secure the e-mail login from an Outlook client using POP3 and SMTP?
A. SMTP B. SAP C. SPA D. Exchange

3 Which protocol can be used to secure the e-mail login from an Outlook client using POP3 and SMTP?
A. SMTP B. SAP C. SPA (Secure Password Authentication) is a Microsoft protocol used to authenticate clients. D. Exchange

4 As part of your user awareness training, you recommend that users remove which of the following when they finish accessing the Internet? A. Instant messaging B. Cookies C. Group policies D. Temporary files

5 As part of your user awareness training, you recommend that users remove which of the following when they finish accessing the Internet? A. Instant messaging B. Cookies C. Group policies D. Temporary files

6 What are two ways to secure Internet Explorer
What are two ways to secure Internet Explorer? (Select the two best answers.) A. Set the Internet zone’s security level to High. B. Add malicious sites to the Trusted Sites zone. C. Disable the pop-up blocker. D. Disable ActiveX controls.

7 What are two ways to secure Internet Explorer
What are two ways to secure Internet Explorer? (Select the two best answers.) A. Set the Internet zone’s security level to High. B. Add malicious sites to the Trusted Sites zone. C. Disable the pop-up blocker. D. Disable ActiveX controls.

8 Which of the following concepts can ease administration but can be the victim of malicious attack?
A. Zombies B. Backdoors C. Buffer overflow D. Group policy

9 Which of the following concepts can ease administration but can be the victim of malicious attack?
A. Zombies B. Backdoors Backdoors were originally created to ease administration. However, hackers quickly found that they could use these backdoors for a malicious attack. C. Buffer overflow D. Group policy

10 In an attempt to collect information about a user’s activities, which of the following will be used by spyware? A. Session cookie B. Tracking cookie C. Shopping cart D. Persistent cookie

11 In an attempt to collect information about a user’s activities, which of the following will be used by spyware? A. Session cookie B. Tracking cookie C. Shopping cart D. Persistent cookie

12 An organization hires you to test an application that you have limited knowledge of. You are given a login to the application, but do not have access to source code. What type of test are you running? A. Gray box B. White box C. Black box D. SDLC

13 An organization hires you to test an application that you have limited knowledge of. You are given a login to the application, but do not have access to source code. What type of test are you running? A. Gray box A gray box test is when you are given limited information about the system you are testing. B. White box C. Black box D. SDLC

14 An attacker takes advantage of vulnerability in programming, which allows the attacker to copy more than 16 bytes to a standard 16-byte variable. Which attack is being initiated? A. Directory traversal B. Command injection C. Buffer overflow D. Code overflow

15 An attacker takes advantage of vulnerability in programming, which allows the attacker to copy more than 16 bytes to a standard 16-byte variable. Which attack is being initiated? A. Directory traversal B. Command injection C. Buffer overflow D. Code overflow

16 You are the security administrator for a multimedia development company. Users are constantly searching the Internet for media, information, graphics, and so on. You receive complaints from several users about unwanted windows appearing on their displays. What should you do? A. Install antivirus software B. Install pop-up blockers C. Install screensavers D. Install a host-based firewall

17 You are the security administrator for a multimedia development company. Users are constantly searching the Internet for media, information, graphics, and so on. You receive complaints from several users about unwanted windows appearing on their displays. What should you do? A. Install antivirus software B. Install pop-up blockers C. Install screensavers D. Install a host-based firewall

18 Which of the following attacks uses a JavaScript image tag in an e-mail?
A. SQL injection B. Cross-site request forgery C. XSS - Cross-site scripting D. Directory traversal

19 Which of the following attacks uses a JavaScript image tag in an e-mail?
A. SQL injection B. Cross-site request forgery C. XSS - Cross-site scripting D. Directory traversal

20 How can you train a user to easily determine whether a web page has a valid security certificate? (Select the best answer.) A. Have the user contact the webmaster. B. Have the user check for C. Have the user click the padlock in the browser and verify the certificate. D. Have the user called the ISP.

21 How can you train a user to easily determine whether a web page has a valid security certificate? (Select the best answer.) A. Have the user contact the webmaster. B. Have the user check for C. Have the user click the padlock in the browser and verify the certificate. D. Have the user called the ISP.

22 Again, use this Chapter 4 prep to help with Exam #2 (Chapters 4 & 5)

Download ppt "Chapter 4 Application Security Knowledge and Test Prep"

Similar presentations

®® Microsoft Windows 7 for Power Users Tutorial 7 Enhancing Your Computers Security.

®® Microsoft Windows 7 for Power Users Tutorial 7 Enhancing Your Computers Security.
Creating Stronger, Safer, Web Facing Code JPL IT Security Mary Rivera June 17, 2011.

Creating Stronger, Safer, Web Facing Code JPL IT Security Mary Rivera June 17, 2011.
Telnet and FTP. Telnet Lets you use the resources of some other computer on the Internet to access files, run programs, etc. Creates interactive connection.

Telnet and FTP. Telnet Lets you use the resources of some other computer on the Internet to access files, run programs, etc. Creates interactive connection.
Security+ Guide to Network Security Fundamentals, Third Edition

Security+ Guide to Network Security Fundamentals, Third Edition
XP Browser and E-mail Basics1. XP Browser and E-mail Basics2 Learn about Web browser software and Web pages The Web is a collection of files that reside.

XP Browser and Basics1. XP Browser and Basics2 Learn about Web browser software and Web pages The Web is a collection of files that reside.
Security+ Guide to Network Security Fundamentals, Third Edition

Security+ Guide to Network Security Fundamentals, Third Edition
ASP.NET 2.0 Chapter 6 Securing the ASP.NET Application.

ASP.NET 2.0 Chapter 6 Securing the ASP.NET Application.
How Clients and Servers Work Together. Objectives Learn about the interaction of clients and servers Explore the features and functions of Web servers.

How Clients and Servers Work Together. Objectives Learn about the interaction of clients and servers Explore the features and functions of Web servers.
Computer Security and Penetration Testing

Computer Security and Penetration Testing
Browser and E-mail Basics Tutorial 1. Learn about Web browser software and Web pages The Web is a collection of files that reside on computers, called.

Browser and Basics Tutorial 1. Learn about Web browser software and Web pages The Web is a collection of files that reside on computers, called.
The OWASP Foundation OWASP Chennai 2007 Phishing.

The OWASP Foundation OWASP Chennai Phishing.
Web Application Attacks ECE 4112 Fall 2007 Group 9 Zafeer Khan & Simmon Yau.

Web Application Attacks ECE 4112 Fall 2007 Group 9 Zafeer Khan & Simmon Yau.
Quiz Review.

Quiz Review.
11 SUPPORTING INTERNET EXPLORER IN WINDOWS XP Chapter 11.

11 SUPPORTING INTERNET EXPLORER IN WINDOWS XP Chapter 11.
Introduction to Network Security © N. Ganesan, Ph.D.

Introduction to Network Security © N. Ganesan, Ph.D.
PowerPoint Presentation to Accompany GO! with Internet Explorer 9 Getting Started Chapter 3 Exploring the World Wide Web with Internet Explorer 9.

PowerPoint Presentation to Accompany GO! with Internet Explorer 9 Getting Started Chapter 3 Exploring the World Wide Web with Internet Explorer 9.
With Internet Explorer 9 Getting Started© 2013 Pearson Education, Inc. Publishing as Prentice Hall1 Exploring the World Wide Web with Internet Explorer.

With Internet Explorer 9 Getting Started© 2013 Pearson Education, Inc. Publishing as Prentice Hall1 Exploring the World Wide Web with Internet Explorer.
Working with Applications Lesson 7. Objectives Administer Internet Explorer Secure Internet Explorer Configure Application Compatibility Configure Application.

Working with Applications Lesson 7. Objectives Administer Internet Explorer Secure Internet Explorer Configure Application Compatibility Configure Application.
Configuring and Troubleshooting Internet Access Chapter 9 powered by dj.

Configuring and Troubleshooting Internet Access Chapter 9 powered by dj.
Cosc 4765 Server side Web security. Web security issues From Cenzic Vulnerability report 2014 https://info.cenzic.com/2013-Application-Security-Trends-Report.html.

Cosc 4765 Server side Web security. Web security issues From Cenzic Vulnerability report

Similar presentations

Ads by Google