What is the main goal of a Directory Traversal attack?

To access files outside the permitted system space such as the root folder

To delete files in the root folder

What tactic is used in a Directory Traversal attack to move up the file system tree?

Insert a series of ../ characters into the URL or software code

Insert a series of // characters

Based on the example provided, what is the purpose of adding '../../../etc/passwd' to the URL in a Directory Traversal attack?

To print out the passwd file from the server

To delete files from the server

What is a Buffer Overflow?

B) Inserting code into the memory buffer of a process where the data is larger than the input variable can hold and overflows into process execution space to run hostile code.

A) A process where data is deleted from memory

C) A process where memory is compressed

D) A process where data is encrypted

What is Command Injection?

B) Inserting text into form fields that is passed into an executable process, usually to run terminal commands on the hosting server

C) A way to speed up website loading

Which of the following is NOT a step in a command injection attack?

D) Encrypt the user input before sending it to the server

A) User input is processed according to the web page code

B) Insert a special character to indicate a new command

C) Follow with a command to run in the OS of the hosting device

This is how XSS works: 2. What happens when the web page is accessed by the victim?

The malicious scripts unknowingly pass to their browser

User Input Threats

Authored by Mousumi Biswas

Mathematics

9th Grade

CCSS covered

Used 1+ times

AI Actions

Add similar questions

Adjust reading levels

Convert to real-world scenario

Translate activity

More...

Content View

Student View

25 questions

Show all answers

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

What is the definition of User Input? Fill in the blank: User Input is numbers, characters, a text string, or ________ that is provided by the user to a website.

script code

background image

server address

browser history

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Which of the following is an example of user input?

When a user fills in a form

When a user logs in

When a user adds a comment to a forum

All of the above

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Which of the following is NOT a type of attack that can occur when a website accepts user input?

A) Directory Traversal

B) Buffer Overflow

C) Command Injection

D) Phishing

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Fill in the blank: ________ is an attack where an attacker tries to access directories and files stored outside the web root folder.

Directory Traversal

SQL Injection

Cross-Site Scripting

Session Fixation

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Fill in the blank: ________ is an attack that occurs when more data is written to a buffer than it can hold.

Buffer Overflow

SQL Injection

Cross-Site Scripting

Phishing

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Fill in the blank: ________ is an attack where malicious code is inserted into a website to be executed by other users (often abbreviated as XSS).

Cross-Site Scripting

SQL Injection

Phishing

Denial of Service

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Based on the passage: Why is security often not considered a priority during the coding process?

Most programmers are focused on making their application work and meeting their deadlines to publish the code.

Security is always the main focus during coding.

Programmers believe security is handled automatically by the computer.

Security is only important after the application is released.

Access all questions and much more by creating a free account

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Classlink

Continue with Clever

or continue with

Microsoft

Apple

Others

Already have an account?

Similar Resources on Wayground

20 questions

Year 9 - Expressions and Formulae Review

Quiz

•

7th - 9th Grade

22 questions

Przekształcanie wykresów funkcji. Funkcja liniowa

Quiz

•

9th - 11th Grade

20 questions

geometria piana

Quiz

•

9th Grade

20 questions

Indices-(O'Level Revision)

Quiz

•

8th - 10th Grade

20 questions

Persamaan Kuadrat 3

Quiz

•

9th Grade

20 questions

MATEMATICAS 1 REPASO NÚMEROS ENTEROS Y JERARQUÍA

Quiz

•

6th - 9th Grade

25 questions

Latihan PTS Matematika kelas 9 Semester Ganjil

Quiz

•

9th Grade

20 questions

Factorización 1

Quiz

•

9th Grade

Popular Resources on Wayground

15 questions

Fractions on a Number Line

Quiz

•

3rd Grade

20 questions

Equivalent Fractions

Quiz

•

3rd Grade

25 questions

Multiplication Facts

Quiz

•

5th Grade

54 questions

Analyzing Line Graphs & Tables

Quiz

•

4th Grade

$fractions$

22 questions

fractions

Quiz

•

3rd Grade

20 questions

Main Idea and Details

Quiz

•

5th Grade

20 questions

Context Clues

Quiz

•

6th Grade

15 questions

Equivalent Fractions

Quiz

•

4th Grade

Discover more resources for Mathematics

20 questions

Graphing Inequalities on a Number Line

Quiz

•

6th - 9th Grade

18 questions

SAT Prep: Ratios, Proportions, & Percents

Quiz

•

9th - 10th Grade

12 questions

Exponential Growth and Decay

Quiz

•

9th Grade

12 questions

Add and Subtract Polynomials

Quiz

•

9th - 12th Grade

15 questions

Combine Like Terms and Distributive Property

Quiz

•

8th - 9th Grade

20 questions

Function or Not a Function

Quiz

•

8th - 9th Grade

10 questions

Elijah McCoy: Innovations and Impact in Black History

Interactive video

•

6th - 10th Grade

16 questions

Converting Improper Fractions to Mixed Numbers

Quiz

•

4th - 10th Grade

User Input Threats

What is the definition of User Input? Fill in the blank: User Input is numbers, characters, a text string, or ________ that is provided by the user to a website.

Which of the following is an example of user input?

Which of the following is NOT a type of attack that can occur when a website accepts user input?

Fill in the blank: ________ is an attack where an attacker tries to access directories and files stored outside the web root folder.

Fill in the blank: ________ is an attack that occurs when more data is written to a buffer than it can hold.

Fill in the blank: ________ is an attack where malicious code is inserted into a website to be executed by other users (often abbreviated as XSS).

Based on the passage: Why is security often not considered a priority during the coding process?

What is the main goal of a Directory Traversal attack?

What tactic is used in a Directory Traversal attack to move up the file system tree?

Fill in the blank: Typing 'cd ..' will move us from the current folder to its ______ folder.

Access all questions and much more by creating a free account

Similar Resources on Wayground

Popular Resources on Wayground

Discover more resources for Mathematics