ISEC 322: Design & Analysis of Sec Protocols

What is a common vulnerability associated with ARP?

Eavesdropping

Which type of attack is associated with the TCP protocol?

SYN flood attack

What type of security issue is commonly associated with SMTP?

Man-in-the-middle attack

What is a known vulnerability associated with DNS?

DNS spoofing Signup and view all the answers

Which security problem is often related to Web forms, cookies, and CGI scripts?

Cross-site scripting Signup and view all the answers

What type of misuse is associated with mobile code like Java scripts and ActiveX controls?

Denial of Service (DoS) Signup and view all the answers

What is a potential risk associated with using helper applications in browsers?

Downloading dangerous content that may contain macro viruses Signup and view all the answers

How can DNS spoofing impact web security?

Downgrading browser security by reducing the key length in SSL connections Signup and view all the answers

What is the primary concern with mobile code like ActiveX controls in terms of security?

They run directly on the machine without a sandbox Signup and view all the answers

Which statement accurately describes Java applets in terms of running environment?

Java applets run within a controlled environment called a sandbox Signup and view all the answers

What is a known danger associated with signed ActiveX controls?

Writing arbitrary files on the hard disk leading to potential exploitation Signup and view all the answers

How do JavaScript applet scripts differ from Java applets in terms of processing within browsers?

JavaScript applet scripts are interpreted by the browser itself, not as powerful as Java applets Signup and view all the answers

What is a potential risk associated with sending cookies in clear?

Eavesdropping and potential session hijacking Signup and view all the answers

How can third-party advertisements pose a privacy risk to users?

By setting a cookie that can track user visits Signup and view all the answers

What is a common consequence of unexpected user input in web forms?

Security vulnerabilities Signup and view all the answers

In the context of password-based user authentication, what issue can arise from inadequate input validation?

SQL injection attacks Signup and view all the answers

What type of attack exploits the program's failure to verify data sizes, potentially leading to memory corruption?

Buffer overflow attacks Signup and view all the answers

How can cross-site scripting (XSS) be characterized?

Sending malicious scripts to trusted servers Signup and view all the answers

Which type of attack involves the attacker arranging for the victim to receive a malicious script from a trusted server?

^ARP poisoning Signup and view all the answers

What could be a consequence of buffer overflow attacks if left unmitigated?

Potential memory corruption and control by attackers Signup and view all the answers

What is the main risk associated with inadequate input validation in server-side scripts?

Potential SQL injection vulnerabilities Signup and view all the answers

How can setting cookies by web servers pose security risks?

Exposing sensitive session information to potential attackers Signup and view all the answers

ISEC 322: Design & Analysis of Sec Protocols - Quiz

Questions and Answers