Web Security
Which prevents JavaScript code running on badsite.com from reading the session cookie for amazon.com?
the certificate authority
the Secure flag
the P3P privacy policy
the HttpOnly flag
the same origin policy
Which prevents JavaScript code successfully injected by an attacker into a page on amazon.com from reading the session cookie for amazon.com?
the certificate authority
the Secure flag
the P3P privacy policy
the HttpOnly flag
the same origin policy
Suppose a web server needs to distinguish a legitimate form submission generated by a user’s explicit action from a fraudulent one initiated by a third-party, malicious site. Validating which of the following would be the least effective in performing this task?
that the Cookie header contains the correct session cookie
that the correct CAPTCHA was submitted
that the referrer points to a trusted server
that the submitted password is correct
that the submitted anti-CSRF token is correct
Which of the following techniques for preventing an attacker from injecting unwanted JavaScript into a response would be the least effective?
replacing <, >, ", and ' with &lt;, &gt;, &quot;, and &apos;, respectively
replacing all non-alphanumeric characters by their HTML-entity equivalents
removing each string in the original input matching the regular expressions ]*> and ]*>
using a Content-Security-Policy that disallows inline JavaScript
using the innerText property, rather than innerHTML, to dynamically modify the DOM
Detour is a town in Carroll County, Maryland. To avoid confusion, traffic engineers place signs directing motorists to Detour or labelling roads named Detour on a green background, while construction-related detours requiring drivers to divert from their usual route are shown on a sign with an orange background. Which technical solution and problem are analogous?
replacing <><,=""><>
using SQL parameterized queries to pass input data separately from the query, so that data will not be confused with code
Problem Solving
| √ | log | 10^x | ÷ |
| 7 | 8 | 9 | × |
| 4 | 5 | 6 | - |
| 1 | 2 | 3 | + |
| 0 | . | +/- | = |
Using the calculator above, how would you compute 7.0962.1018, if possible?
_________________________________________________________________________
Using the calculator above, how would you compute 18, if possible?
_________________________________________________________________________
Using the calculator above, how would you compute ln3, if possible?
__________________________________________________________________________
Using the calculator above, how would you compute sin 63.24°, if possible?
_________________________________________________________________________