Which of the following is the best way to ensure that JavaScript cannot be used to access a cookie

Set the HTTP only Flag in the Cookie

Set the Secure Flag in the Cookie

You should set a secure flag in a cookie to ensure that

The cookie is sent over an encrypted channel

The cookie is a persistent cookie

The cookie is deleted when the user closes the browser

The cookie is not available to client script

What is the impact of a CSRF attack?

Get all information from the query.

No unpredictable request parameters

Why does the CSRF attack happen?

validate referer with contain() function

validate csrf key in both client and server side.

Using the post method to update information.

What is the best way to prevent csrf attack?

Validation of Referer depends on header being present

What happens if we set samesite=strict for session cookie

the browser will not include the cookie in any requests that originate from another site

the browser will include the cookie in any requests that originate from another site

the browser will include the cookie in any requests

What happens if we set samesite=lax?

the browser will include the cookie in requests that originate from another site with some conditions

the browser will include the cookie in requests that originate from another site without any conditions

The browser will send cookies with GET request

The browser will send cookies with POST request

CSRF attack

Authored by vn mgm-sp

Computers

Used 37+ times

AI Actions

Add similar questions

Adjust reading levels

Convert to real-world scenario

Translate activity

More...

Content View

Student View

25 questions

Show all answers

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

_____ is a type of attack that tricks site users or
administrators to unknowingly perform malicious actions for the attacker like changing order values and product prices, transfer funds from one account to another, change user passwords to hijack accounts.

SQL Injection

Cross-Site Scripting (XSS)

Command Injection

File Inclusion (LFI/RFI)

Cross-Site Request Forgery (CSRF)

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

For every link or form which invoke state-changing functions with an unpredictable token for each user what attack can be prevented?

OS Commanding

Cross-site Scripting

Cross-site Request Forgery

Cross-site tracing

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Which attack can execute scripts in the user’s browser and is capable of hijacking user sessions, defacing websites or redirecting the user to malicious sites

SQL injection

Cross Site Scripting

Malware Uploading

Man in the Middle

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

What happens when an application takes user inputted data and sends it to a web browser without proper validation and escaping?

Security Mis-configuration

Cross Site Scripting

Insecure Direct Object Reference

Broken Authentication and Session Management

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Attack that exploits the trust that a site has in a user's browser

Session Hijacking

Cross-Site Request Forgery

SQL injection

Cross-Site Scripting

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Which character is most likely to be used for an SQL injection attack

Single quote (')

Null (\0) byte

Less than sign(<)

Greater than sign(>)

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Which of the following attacks occurs when a malicious user convinces a victim to send a request to a server with malicious input and the server echoes the input back to client?

Reflected XSS

Persistent XSS

Insecure Direct Object Reference

Failure to Restrict URLs

Access all questions and much more by creating a free account

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Classlink

Continue with Clever

or continue with

Microsoft

Apple

Others

Already have an account?

Similar Resources on Wayground

20 questions

James and the giant peach

Quiz

•

4th Grade

20 questions

Quiz Informatika Bab 3 & 4

Quiz

•

10th Grade

20 questions

ICT Grade 8 Model exam Altaluq private school Excel

Quiz

•

8th Grade

20 questions

QUIZ 3 SAM

Quiz

•

12th Grade

20 questions

QUIZ TIME COMPUTER

Quiz

•

1st Grade

20 questions

Materi 1 SO dan SOJ (PRE TEST )

Quiz

•

11th Grade

20 questions

DreamWeaver CS6

Quiz

•

University

20 questions

empowerment quiz2

Quiz

•

1st - 5th Grade

Popular Resources on Wayground

10 questions

5.P.1.3 Distance/Time Graphs

Quiz

•

5th Grade

10 questions

Fire Drill

Quiz

•

2nd - 5th Grade

20 questions

Equivalent Fractions

Quiz

•

3rd Grade

22 questions

School Wide Vocab Group 1 Master

Quiz

•

6th - 8th Grade

20 questions

Main Idea and Details

Quiz

•

5th Grade

20 questions

Context Clues

Quiz

•

6th Grade

20 questions

Inferences

Quiz

•

4th Grade

12 questions

What makes Nebraska's government unique?

Quiz

•

4th - 5th Grade

Discover more resources for Computers

3 questions

Perserverance

Presentation

•

19 questions

Fire Safety

Quiz

•

KG - 2nd Grade

20 questions

Capitalization in sentences

Quiz

•

KG - 4th Grade

20 questions

CVC Words

Quiz

•

KG - 1st Grade

21 questions

Inches

Quiz

•

KG - 2nd Grade

10 questions

How to Catch a Dinosaur

Quiz

•

KG - 5th Grade

10 questions

quotation marks

Quiz

•

KG - 3rd Grade

7 questions

3D Shapes

Interactive video

•

KG - 12th Grade

CSRF attack

_____ is a type of attack that tricks site users or
administrators to unknowingly perform malicious actions for the attacker like changing order values and product prices, transfer funds from one account to another, change user passwords to hijack accounts.

For every link or form which invoke state-changing functions with an unpredictable token for each user what attack can be prevented?

Which attack can execute scripts in the user’s browser and is capable of hijacking user sessions, defacing websites or redirecting the user to malicious sites

What happens when an application takes user inputted data and sends it to a web browser without proper validation and escaping?

Attack that exploits the trust that a site has in a user's browser

Which character is most likely to be used for an SQL injection attack

Which of the following attacks occurs when a malicious user convinces a victim to send a request to a server with malicious input and the server echoes the input back to client?

Which of the following is the best way to ensure that JavaScript cannot be used to access a cookie

Which threat is most likely to occur when a POST parameter performs an operation on behalf of a user without checking a shared secret

What threat arises from not flagging HTTP cookies with tokens as secure

Access all questions and much more by creating a free account

Similar Resources on Wayground

Popular Resources on Wayground

Discover more resources for Computers

CSRF attack

_____ is a type of attack that tricks site users oradministrators to unknowingly perform malicious actions for the attacker like changing order values and product prices, transfer funds from one account to another, change user passwords to hijack accounts.

For every link or form which invoke state-changing functions with an unpredictable token for each user what attack can be prevented?

Which attack can execute scripts in the user’s browser and is capable of hijacking user sessions, defacing websites or redirecting the user to malicious sites

What happens when an application takes user inputted data and sends it to a web browser without proper validation and escaping?

Attack that exploits the trust that a site has in a user's browser

Which character is most likely to be used for an SQL injection attack

Which of the following attacks occurs when a malicious user convinces a victim to send a request to a server with malicious input and the server echoes the input back to client?

Which of the following is the best way to ensure that JavaScript cannot be used to access a cookie

Which threat is most likely to occur when a POST parameter performs an operation on behalf of a user without checking a shared secret

What threat arises from not flagging HTTP cookies with tokens as secure

Access all questions and much more by creating a free account

Similar Resources on Wayground

Popular Resources on Wayground

Discover more resources for Computers

_____ is a type of attack that tricks site users or
administrators to unknowingly perform malicious actions for the attacker like changing order values and product prices, transfer funds from one account to another, change user passwords to hijack accounts.