Web 2.0: Technology and Security

Questions and Answers

What is a characteristic of Web 2.0 sites?

Minimal use of client-side logic

Extensive use of JavaScript, XMLHttpRequests, and client-side logic (correct)

No use of XMLHttpRequests

Limited use of JavaScript

What is the main reason why Web 2.0 security gets attention?

Growth in usage leading to an increase in vulnerabilities (correct)

Decrease in usage

Lack of research in the area

Less massive usage of Web 2.0 sites

What is the primary function of the XMLHttpRequest JavaScript object?

To change the Web site's layout

To generate dynamic content

To refresh the UI

To allow background communication with the server (correct)

What is an example of a technology that generates and presents Web pages via a Web server?

Apache (A)

What is a characteristic of an AJAX application?

One page application with lots of client-side logic (C)

What is the restriction imposed on the XMLHttpRequest JavaScript object?

Same Origin Policy (A)

What is the primary function of the Business Logic tier?

To perform required calculations and manage access to corporate resources (D)

What is the common technology used in the Data Tier?

Relational Database Management Systems (RDBMS) (A)

What is the purpose of URL encoding?

To ensure that only allowed characters are used in URLs (C)

What is the commonly encoded character in a URL?

Plus-sign (+) (C)

What is the breakdown of a URL?

Protocol, host name, port, document path, and query (D)

What is an example of a URL?

http://www.example.com:80/products/default.aspx?articleId=4 (A)

What is the primary function of the Client Tier in a Web Application?

To handle user-level input and output (C)

What is the main difference between a Website and a Web Application?

A Website provides access to static documents, while a Web Application takes user input (B)

What is the purpose of the Same Origin Policy?

To prevent scripts from accessing data from different origins (A)

What is the primary function of JavaScript in the Client Tier?

To validate user input and dynamically change the interface (D)

What is the main characteristic of HTML?

It is a markup language used to create graphical pages (B)

What is the purpose of the middle tier in a Web Application?

To interact with backend servers and perform business logic (D)

What is the term used to describe the interaction between a script and a website?

Scripting (B)

What is the purpose of URL encoding in Web applications?

To ensure that data is sent in a special format to prevent errors (B)

What does the HTTP status code 1XX represent?

Informational (C)

What is the primary function of the Web Server in a Web Application?

To interact with backend servers and perform business logic (A)

What is the main difference between HTTP GET and POST requests?

GET requests are used for retrieving data, while POST requests are used for sending data (B)

What is the purpose of the HTTP protocol?

To transfer information on intranets and the World Wide Web (A)

What is the primary purpose of the Data Tier in a Web Application?

To store and manage data (C)

What is the HTTP status code range for successful requests?

2XX (D)

What is the purpose of the % symbol in URL encoding?

To indicate the hexadecimal representation of a character (A)

What is the HTTP status code range for redirection?

3XX (D)

What is the purpose of the TRACE request method?

To test or diagnose the request chain (D)

What is a characteristic of HTTP?

It is stateless (C)

What is the purpose of the HEAD request method?

To retrieve header information only (D)

What is the term for managing individual user requests in context?

Session management (A)

What is the purpose of the OPTIONS request method?

To request information about communication options (C)

What is the term for the three tiers of a Web application?

Client, middle, and data (B)