CSRF QUIZ

What is the term used for injecting JavaScript into a user's web browser through page elements like comment sections, search results, and URLs?

a) Cross-Site Request Forgery

b) SQL Injection

c) Cross-Site Scripting

d) Phishing

In the Twitter CSRF attack example, what type of request could be used to create tweets before the site switched to using POST requests?

a) PUT

b) GET

c) DELETE

d) OPTION

What type of HTTP request is uniquely vulnerable to CSRF attacks, as it contains the entirety of the request's contents in a URL?

a) DELETE

b) PUT

c) GET

d) POST

Why might setting the SameSite attribute to Strict on session cookies be problematic for users?

a) It forces users to reconfirm their login details frequently.

b) It strips the cookie of any requests from other websites.

c) It allows cross-site requests to send cookies.

d) It prevents users from logging in again.

How does an anti-CSRF cookie help prevent CSRF attacks?

a) By preventing the use of cookies in HTML forms

b) By blocking al incoming requests to the server

c) By encrypting al communication between the browser and server

d) By ensuring that requests are only initiated within the same site

What is the benefit of using Single Sign-On (SSO) in web applications?

a) To alow seamless linking into the site

b) To provide a unified authentication process for multiple systems

c) To improve user experience

d) To protect against cross-site scripting attacks

What is the purpose of using Cross-Origin Resource Sharing (CORS) in web development?

a) To prevent cross-site scripting attacks

b) To restrict the types of content that can be loaded on a web page

c) To authenticate users before granting access to the web application

d) To alow resources to be requested from another domain

What is the term used for the process of verifying the integrity and authenticity of a message transmitted over an insecure channel?

a) Decryption

b) Authentication

c) Encryption

d) Authorization

What is the term used for the process of verifying the integrity and authenticity of a message transmitted over an insecure channel?

a) Encryption

b) Decryption

c) Authentication

d) Authorization

What is the primary purpose of using HTTP Strict Transport Security (HSTS) in web applications?

a) To restrict the types of content that can be loaded on a web page

b) To encrypt sensitive data transmitted between the client and server

c) Make websites accessible only via secure connections

d) To authenticate users before granting access to the web application