Types of Cookies and Functions

Questions and Answers

What type of cookie is deleted when the browser is closed?

• Session Cookie (correct)
• First-Party Cookie
• Third-Party Cookie
• Persistent Cookie

What is the primary function of authentication cookies?

• To store user preferences
• To protect user data
• To verify user identity (correct)
• To track user behavior

What component of a cookie specifies the URL path it is valid for?

• Expiration Date
• Domain
• Secure
• Path (correct)

What security concern involves the unauthorized access to cookies?

Cookie Theft (B)

What type of cookie is set by a website other than the one being visited?

Third-Party Cookie (A)

What is the purpose of the HttpOnly flag in a cookie?

To prevent JavaScript access (A)

Flashcards are hidden until you start studying

Study Notes

Types of Cookies

• Session Cookies: temporary cookies that are deleted when the browser is closed
• Persistent Cookies: remain on the user's device until they expire or are manually deleted
• First-Party Cookies: set by the website being visited
• Third-Party Cookies: set by a website other than the one being visited

Cookie Functions

• Authentication: verify user identity and maintain login sessions
• Personalization: store user preferences and tailor the user experience
• Tracking: monitor user behavior and collect data for analytics and advertising
• Security: prevent fraud and protect user data

Cookie Components

• Name: a unique identifier for the cookie
• Value: the data stored in the cookie
• Expiration Date: the date and time the cookie will expire
• Domain: the domain or website that set the cookie
• Path: the URL path the cookie is valid for
• Secure: indicates whether the cookie should be transmitted over a secure connection
• HttpOnly: indicates whether the cookie should be accessible to JavaScript

Cookie Security Concerns

• Cross-Site Scripting (XSS): injection of malicious scripts to access or steal cookies
• Cross-Site Request Forgery (CSRF): unauthorized actions performed on a user's behalf using cookies
• Cookie Theft: unauthorized access to cookies, potentially leading to identity theft or data breaches

Types of Cookies

• Session cookies are temporary and deleted when the browser is closed.
• Persistent cookies remain on the user's device until they expire or are manually deleted.
• First-party cookies are set by the website being visited.
• Third-party cookies are set by a website other than the one being visited.

Cookie Functions

• Authentication verifies user identity and maintains login sessions.
• Personalization stores user preferences and tailors the user experience.
• Tracking monitors user behavior and collects data for analytics and advertising.
• Security prevents fraud and protects user data.

Cookie Components

• A cookie has a unique name, which identifies it.
• The value is the data stored in the cookie.
• The expiration date is the date and time the cookie will expire.
• The domain is the domain or website that set the cookie.
• The path is the URL path the cookie is valid for.
• The secure flag indicates whether the cookie should be transmitted over a secure connection.
• The HttpOnly flag indicates whether the cookie should be accessible to JavaScript.

Cookie Security Concerns

• Cross-Site Scripting (XSS) involves the injection of malicious scripts to access or steal cookies.
• Cross-Site Request Forgery (CSRF) involves unauthorized actions performed on a user's behalf using cookies.
• Cookie theft can lead to identity theft or data breaches.