Which of the following statements is NOT TRUE about stored XSS?

It happens when an application receives data in an HTTP request and includes that data within the immediate response in an unsafe way.

It happens when an application receives data from an untrusted source and includes that data within its later HTTP responses in an unsafe way.

It makes use of unsanitized HTML forms.

In passive vulnerability assessment, the best technique is:

sniffing the network traffic with network analyzers like Wireshark.

using network scanners like nmap.

testing user input in web applications.

In external vulnerability assessment, the best technique is:

sniffing the network traffic with network analyzers like Wireshark.

using network scanners like nmap.

testing user input in web applications.

Vulnerability Research and Tools

Authored by Aidora Abdullah

Computers

University

Used 23+ times

AI Actions

Add similar questions

Adjust reading levels

Convert to real-world scenario

Translate activity

More...

Content View

Student View

15 questions

Show all answers

MULTIPLE CHOICE QUESTION

20 sec • 1 pt

An example of an exploit is malware.

True

False

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

What does a security researcher usually submit to a vendor as evidence that an attack using a vulnerability in the vendor's software is possible?

Vulnerability details

Malware

Proof-of-concept exploit

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Which of the below does NOT belong to the list of metric groups used in CVSS?

Temporal metric group

Complexity metric group

Base metric group

Environmental metric group

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

What do you call an exploit if the vulnerability was exploited AFTER a patch was released?

N-day exploit or attack

0-day exploit

0-day vulnerability

Vulnerability

MULTIPLE SELECT QUESTION

45 sec • 1 pt

Which of the following are web-based exploitive behaviors?

Defacing websites

Domain Name Server (DNS) attacks

ARP poisoning

Employing malicious code

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

_______________ is a type of HTTP exploit that is used by attackers to gain unauthorized access to restricted directories and files.

Cookie snooping

Command injection

Directory traversal

Log tampering

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

The diagram shows an example of a(n) __________________ attack.

buffer overflow

cross-site request forgery

SQL injection

cross-site scripting

Access all questions and much more by creating a free account

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Classlink

Continue with Clever

or continue with

Microsoft

Apple

Others

Already have an account?

Similar Resources on Wayground

20 questions

Basic of Computer Networks - Quiz1

Quiz

•

University

13 questions

CIS2303 Week_3 CLO2

Quiz

•

University

20 questions

Introduction To Computers

Quiz

•

University

20 questions

PRINTERS

Quiz

•

University

20 questions

Designing Network Infrastructure and Network Security

Quiz

•

KG - University

10 questions

Firewall & IDS

Quiz

•

University

10 questions

TOPIC 1 COMPUTER NETWORK

Quiz

•

University

10 questions

Transmission Media

Quiz

•

1st Grade - University

Popular Resources on Wayground

15 questions

Fractions on a Number Line

Quiz

•

3rd Grade

20 questions

Equivalent Fractions

Quiz

•

3rd Grade

25 questions

Multiplication Facts

Quiz

•

5th Grade

54 questions

Analyzing Line Graphs & Tables

Quiz

•

4th Grade

$fractions$

22 questions

fractions

Quiz

•

3rd Grade

20 questions

Main Idea and Details

Quiz

•

5th Grade

20 questions

Context Clues

Quiz

•

6th Grade

15 questions

Equivalent Fractions

Quiz

•

4th Grade

Discover more resources for Computers

20 questions

CompTIA Network+ - Ports and Protocols

Quiz

•

University

Vulnerability Research and Tools

An example of an exploit is malware.

What does a security researcher usually submit to a vendor as evidence that an attack using a vulnerability in the vendor's software is possible?

Which of the below does NOT belong to the list of metric groups used in CVSS?

What do you call an exploit if the vulnerability was exploited AFTER a patch was released?

Which of the following are web-based exploitive behaviors?

_______________ is a type of HTTP exploit that is used by attackers to gain unauthorized access to restricted directories and files.

The diagram shows an example of a(n) __________________ attack.

Which of the following statements is NOT TRUE about stored XSS?

Which web-based attacks will not be solved by sanitizing user's input into HTML forms?

Implementing a 'timeout' value will help mitigate the following web-based attacks EXCEPT:

Access all questions and much more by creating a free account

Similar Resources on Wayground

Popular Resources on Wayground

Discover more resources for Computers