Web Security: Common Vulnerabilities And Their Mitigation - Session hijacking using session fixation

Assessment

Interactive Video

Information Technology (IT), Architecture

University

Hard

Created by

Quizizz Content

The video tutorial explains session fixation, a vulnerability in which an attacker chooses (fixes) the session ID a user will carry and then impersonates that user once the session has been authenticated. It walks through how an attacker exploits the flaw, for example by sending the victim a link that carries a fixated session ID, and stresses that the server must issue a fresh session ID at login so the pre-login ID never becomes an authenticated one. It also covers why server-generated session IDs alone are not enough (an attacker can obtain a legitimate ID from the server and fixate that one) and the risk of cross sub-domain cookies, where an attacker-controlled sub-domain sets a cookie scoped to the parent domain, emphasising robust session handling to prevent session fixation attacks.
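The following is an added example, not code from the video or from any real bank site. It models the session layer of an untrustedbank.com-style application with two switches: whether the server adopts an ID the client presents (the flaw in question 2) and whether it regenerates the ID at login (the fix). The attack is then played out for a client-chosen ID and for a server-generated ID the attacker obtained first (question 4). The session store, the `alice` account and the ID format are constructed for the demo.

```python
import secrets
from dataclasses import dataclass
from typing import Dict, Optional

# Constructed credential store for the demo (not a real account database).
PASSWORDS = {"alice": "correct horse battery staple"}


@dataclass
class Session:
    user: Optional[str] = None  # None until the session is authenticated


class SessionServer:
    """Toy session layer for a site like untrustedbank.com.

    accept_client_ids   -- adopt any ID the client presents (the vulnerability)
    regenerate_on_login -- issue a fresh ID when the user authenticates (the fix)
    """

    def __init__(self, accept_client_ids: bool, regenerate_on_login: bool) -> None:
        self.sessions: Dict[str, Session] = {}
        self.accept_client_ids = accept_client_ids
        self.regenerate_on_login = regenerate_on_login

    def _new_id(self) -> str:
        return secrets.token_urlsafe(32)  # server-generated, unguessable

    def resolve(self, presented: Optional[str]) -> str:
        """Map the ID a request carries (cookie or ?sid= parameter) to a session."""
        if presented is not None and presented in self.sessions:
            return presented
        if presented is not None and self.accept_client_ids:
            # Vulnerable: the unknown ID came from the client and is adopted as-is.
            self.sessions[presented] = Session()
            return presented
        sid = self._new_id()  # unknown or missing ID: start a fresh server-chosen session
        self.sessions[sid] = Session()
        return sid

    def login(self, presented: Optional[str], user: str, password: str) -> str:
        """Authenticate and return the ID the Set-Cookie response would carry."""
        sid = self.resolve(presented)
        if PASSWORDS.get(user) != password:
            raise PermissionError("bad credentials")
        if self.regenerate_on_login:
            # Drop the pre-login session so a fixated ID never becomes authenticated.
            del self.sessions[sid]
            sid = self._new_id()
            self.sessions[sid] = Session()
        self.sessions[sid].user = user
        return sid

    def whoami(self, presented: str) -> Optional[str]:
        session = self.sessions.get(presented)
        return session.user if session else None


def run_fixation_attack(server: SessionServer, attacker_supplies_id: bool) -> bool:
    """Play out the attack; True means the attacker ends up logged in as the victim."""
    if attacker_supplies_id:
        fixated = "attacker-chosen-id-1234"  # baked into a phishing link as ?sid=...
    else:
        # Site only honours server-generated IDs: attacker first obtains one legitimately.
        fixated = server.resolve(None)
    # Victim follows the link, so the login request carries the fixated ID.
    server.login(fixated, "alice", PASSWORDS["alice"])
    # Attacker now replays the ID they fixated.
    return server.whoami(fixated) == "alice"


if __name__ == "__main__":
    cases = {
        "accept client IDs, no regeneration": (SessionServer(True, False), True),
        "server IDs only, no regeneration": (SessionServer(False, False), False),
        "server IDs only, regenerate on login": (SessionServer(False, True), False),
    }
    for label, (server, attacker_supplies) in cases.items():
        print(f"{label}: hijacked={run_fixation_attack(server, attacker_supplies)}")
```

Refusing client-supplied IDs stops the naive link-with-`?sid=` variant, but the second case shows that the attacker simply asks the server for a valid anonymous ID and fixates that one. Only regenerating the ID at the moment of authentication (and invalidating the old one) closes both paths.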

7 questions

1.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

What is the primary goal of session fixation?

To delete a user's session ID

To steal a user's session ID

To set a user's session ID to a known value

To encrypt a user's session ID

2.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

How does untrustedbank.com become vulnerable to session fixation?

By generating new session IDs for each login

By accepting session IDs only from cookies

By accepting any session ID specified by the user

By using encrypted session IDs

3.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

What action does the attacker take to exploit the session fixation vulnerability in untrustedbank.com?

Sends a phishing email with a fixated session ID link

Hacks into the bank's server

Steals the victim's password

Uses a brute force attack

4.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Why are server-generated session IDs not a complete solution to session fixation?

Attackers can still use their own server-generated IDs

They are always encrypted

They require user consent

They are too complex to implement

5.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

What is a cross sub-domain cookie?

A cookie that is encrypted

A cookie that cannot be accessed by sub-domains

A cookie set by a sub-domain on the main domain

A cookie set by the main domain

6.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

How can an attacker exploit cross sub-domain cookies?

By using cookies only from the main domain

By setting a cookie on a trusted site through an untrusted sub-domain

By deleting all cookies from the browser

By encrypting the cookies

7.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

What should a trusted site avoid to prevent session fixation via cross sub-domain cookies?

Allowing third-party sub-domains to set cookies

Using encrypted session IDs

Generating new session IDs for each login

Accepting session IDs only from query strings
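Questions 5 to 7 turn on how browsers scope cookies by domain. The block below is an added example, not part of the quiz or the video: a small browser-side cookie jar implementing the RFC 6265 domain-match rule, used to show that an attacker-controlled evil.untrustedbank.com can plant a SESSIONID cookie scoped to untrustedbank.com that the browser then sends to www.untrustedbank.com, that it cannot target an unrelated domain, and that a `__Host-` prefixed cookie (which browsers refuse when a Domain attribute is present) is one technical counter-measure. Host names, cookie values and the `demo()` scenario are constructed; public-suffix and path checks are omitted.

```python
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple


@dataclass
class Cookie:
    name: str
    value: str
    domain: str      # host the cookie is scoped to (lower-case, no leading dot)
    host_only: bool  # True when Set-Cookie carried no Domain attribute
    secure: bool
    path: str


def domain_matches(host: str, domain: str) -> bool:
    """RFC 6265 section 5.1.3 domain-match; the IP-address exception is omitted."""
    host, domain = host.lower(), domain.lower()
    return host == domain or host.endswith("." + domain)


class CookieJar:
    """Browser-side cookie storage with the domain rules that matter for fixation."""

    def __init__(self) -> None:
        self.cookies: List[Cookie] = []

    def set_cookie(self, request_host: str, name: str, value: str,
                   domain: Optional[str] = None, secure: bool = False,
                   path: str = "/") -> bool:
        """Process a Set-Cookie sent by request_host; False means the browser drops it."""
        request_host = request_host.lower()
        domain_attr = domain.lstrip(".").lower() if domain else None
        # A host may only scope a cookie to itself or to a parent domain it belongs to
        # (public-suffix checks such as refusing Domain=com are omitted here).
        if domain_attr is not None and not domain_matches(request_host, domain_attr):
            return False
        # Cookie-prefix rules: __Host- forbids a Domain attribute, demands Secure and Path=/.
        if name.startswith("__Host-") and not (secure and domain_attr is None and path == "/"):
            return False
        if name.startswith("__Secure-") and not secure:
            return False
        new = Cookie(name, value, domain_attr or request_host, domain_attr is None, secure, path)
        # Same name+domain+path replaces the old cookie; otherwise both coexist.
        self.cookies = [c for c in self.cookies
                        if (c.name, c.domain, c.path) != (new.name, new.domain, new.path)]
        self.cookies.append(new)
        return True

    def cookies_for(self, host: str, https: bool = True) -> List[Tuple[str, str]]:
        """Cookies the browser would attach to a request for host (path checks omitted)."""
        host = host.lower()
        sent = []
        for c in self.cookies:
            if c.secure and not https:
                continue
            in_scope = host == c.domain if c.host_only else domain_matches(host, c.domain)
            if in_scope:
                sent.append((c.name, c.value))
        return sent


def demo() -> Dict[str, object]:
    """Attacker-controlled evil.untrustedbank.com tries to plant a session cookie for www."""
    jar = CookieJar()
    results: Dict[str, object] = {}
    # The main site sets its own host-only session cookie first.
    jar.set_cookie("www.untrustedbank.com", "SESSIONID", "legit-server-id", secure=True)
    # Cross sub-domain cookie: scoped to the parent domain, so www receives it too.
    results["parent_domain_accepted"] = jar.set_cookie(
        "evil.untrustedbank.com", "SESSIONID", "attacker-fixated", domain="untrustedbank.com")
    # An unrelated domain cannot be targeted this way.
    results["foreign_domain_accepted"] = jar.set_cookie(
        "evil.untrustedbank.com", "SESSIONID", "x", domain="trustedbank.com")
    # The __Host- prefix refuses any Domain attribute, so a sub-domain cannot plant it.
    results["host_prefix_accepted"] = jar.set_cookie(
        "evil.untrustedbank.com", "__Host-SESSIONID", "attacker-fixated",
        domain="untrustedbank.com", secure=True)
    results["sent_to_www"] = jar.cookies_for("www.untrustedbank.com")
    return results


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

Note that www.untrustedbank.com ends up receiving two SESSIONID cookies in one request, and which one the server honours depends on its cookie parser; a site that regenerates the session ID at login is safe either way, while a site that does not is hijacked if it picks the attacker's value. Naming the session cookie with the `__Host-` prefix removes the ambiguity, because the browser will not accept that name from a sub-domain with a Domain attribute at all.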