CS6262 Lecture Quizzes with 100% Correct Answers
Characteristics of Sandboxing - ANSWER • If data is not saved, it is lost when
the application closes.
• Lightweight and easy to set up
Characteristics of Virtual Machines - ANSWER • It is a machine within a
machine • Disk space must be allocated to the application
Characteristics of Sandboxing and Virtual Machines - ANSWER Anything changed or
created is not visible beyond its boundaries.
(True or False) Content Security Policy (CSP) will allow third party widgets (e.g.
Google +1 button) to be embedded on your site - ANSWER True
(True or False) Cross-Origin Resource Sharing (CORS) allows cross-domain
communication from the browser - ANSWER True
(True or False) Cross-Origin Resource Sharing (CORS) requires coordination
between the server and client. - ANSWER True
Define "origin" in regards to Same Origin Policy (SOP) - ANSWER A combination
of URI scheme, hostname, and port number.
(SOP) Given this website "http://www.example.com/dir/page.html" will the URL
"http://www.example.com/dir2/other.html" succeed or fail? - ANSWER Succeed
(SOP) Given this website "http://www.example.com/dir/page.html" will the URL
"http://www.example.com/dir/page2.html" succeed or fail? - ANSWER Succeed
(SOP) Given this website "http://www.example.com/dir/page.html" will the URL
"http://username:password@www.example.com/dir2/other.html" succeed or fail? -
ANSWER Succeed
(SOP) Given this website "http://www.example.com/dir/page.html" will the URL
"http://www.example.com:81/dir/other.html" succeed or fail? - ANSWER Fail
(SOP) Given this website "http://www.example.com/dir/page.html" will the URL
"http://www.example.com/dir.other.html" succeed or fail? - ANSWER Fail
(SOP) Given this website "http://www.example.com/dir/page.html" will the URL
"https://www.example.com/dir/other.html" succeed or fail? - ANSWER Fail
(Define the cookie type - E.g. Super, SameSite, etc) A cookie with an origin of a
top-level domain - ANSWER Super
A cookie that is regenerated after it is deleted. - ANSWER Zombie
A cookie that can only be sent in requests originating from the same origin as the
target domain. - ANSWER SameSite
This cookie cannot be accessed by client-side APIs. - ANSWER HttpOnly
A cookie that belongs to a domain that is different than the one shown in the
address bar. - ANSWER Third-party
An in-memory cookie. It does not have an expiration date. It is deleted when
the browser is closed. - ANSWER Session
A cookie that has an expiration date or time. Also called tracking cookies. - ANSWER
Persistent
A cookie that can only be transmitted over an encrypted connection. - ANSWER Secure
(True or False) Cryptographic hash functions that are not one-way are vulnerable to
preimage attacks - ANSWER True
(True or False) A difficult hash function is one that takes a long time to calculate
- ANSWER False
(True or False) A good cryptographic hash function should employ an avalanche effect -
ANSWER True
(True or False) The token must be stored somewhere - ANSWER True
(True or False) Tokens expire but there could still be mechanisms to revoke them
if necessary - ANSWER True
(True or False) Token size, like cookie size, is not a concern - ANSWER False
(True or False) Active session hijacking involves disconnecting the user from the server
once that user is logged on. Social engineering is used to perform this type of hijacking.
- ANSWER True
(True or False) In passive session hijacking the attacker silently captures the credentials of a user.
Social engineering is required to perform this type of hijacking. - ANSWER False
Which of the following items can be encrypted by HTTPS?
• Request URL
• Query parameters
• Headers
• Cookies
• Host Addresses
• Port numbers
• The amount of transferred data
• Length of the session - ANSWER • Request URL
• Query parameters
• Headers
• Cookies
Which of the following are disadvantages to using HTTPS?
• Browser caching won't work properly
• You need to buy an SSL certificate
• Mixed modes issue- loading insecure content on a secure site
• HTTPS uses a lot of server resources
• Proxy caching problems- public caching cannot occur
• HTTPS introduces latencies - ANSWER • You need to buy an SSL certificate
• Mixed modes issue- loading insecure content on a secure site
• Proxy caching problems- public caching cannot occur
Tier One (1) Network - ANSWER A network can reach every other network through
peering.