Cross-Site Scripting
Authored by Thalita Vergilio
Computers
University
Used 56+ times
AI Actions
Add similar questions
Adjust reading levels
Convert to real-world scenario
Translate activity
More...
Content View
Student View
10 questions
Show all answers
1.
MULTIPLE CHOICE QUESTION
10 sec • 1 pt
Which is not an injection type of attack?
cross-site scripting
SQL injection
insecure direct object reference
LDAP injection
2.
MULTIPLE CHOICE QUESTION
10 sec • 1 pt
In cross-site scripting (XSS), malicious code executes on the client.
TRUE
FALSE
3.
MULTIPLE CHOICE QUESTION
10 sec • 1 pt
Which is NOT a type of XSS?
stored
injected
DOM-based
reflected
4.
MULTIPLE CHOICE QUESTION
10 sec • 1 pt
Reflected XSS is considered more damaging than stored XSS.
TRUE
FALSE
5.
MULTIPLE CHOICE QUESTION
10 sec • 1 pt
All but one are generally applied to user input to prevent XSS attacks.
sanitisation
filtering
encryption
escaping
6.
MULTIPLE CHOICE QUESTION
10 sec • 1 pt
What is typically stolen in a XSS attack?
hashed passwords for all users
unencrypted files
network traffic
session IDs from cookies
7.
MULTIPLE CHOICE QUESTION
10 sec • 1 pt
An attacker posts malicious XSS code in the comments section of a website. Where would this code typically run?
on the application server
on the database, when stored
on every browser that visits the page
on the database, when retrieved
Access all questions and much more by creating a free account
Create resources
Host any resource
Get auto-graded reports
Continue with Google
Continue with Email
Continue with Classlink
Continue with Clever
or continue with
Microsoft
%20(1).png)
Apple
Others
Already have an account?
