Web 2.0: Technology and Security

Questions and Answers

What is a characteristic of Web 2.0 sites?

Minimal use of client-side logic

Extensive use of JavaScript, XMLHttpRequests, and client-side logic (correct)

No use of XMLHttpRequests

Limited use of JavaScript

What is the main reason why Web 2.0 security gets attention?

Growth in usage leading to an increase in vulnerabilities (correct)

Decrease in usage

Lack of research in the area

Less massive usage of Web 2.0 sites

What is the primary function of the XMLHttpRequest JavaScript object?

To change the Web site's layout

To generate dynamic content

To refresh the UI

To allow background communication with the server (correct)

What is an example of a technology that generates and presents Web pages via a Web server?

Apache

What is a characteristic of an AJAX application?

One page application with lots of client-side logic

What is the restriction imposed on the XMLHttpRequest JavaScript object?

Same Origin Policy

What is the primary function of the Business Logic tier?

To perform required calculations and manage access to corporate resources

What is the common technology used in the Data Tier?

Relational Database Management Systems (RDBMS)

What is the purpose of URL encoding?

To ensure that only allowed characters are used in URLs

What is the commonly encoded character in a URL?

Plus-sign (+)

What is the breakdown of a URL?

Protocol, host name, port, document path, and query

What is an example of a URL?

http://www.example.com:80/products/default.aspx?articleId=4

What is the primary function of the Client Tier in a Web Application?

To handle user-level input and output

What is the main difference between a Website and a Web Application?

A Website provides access to static documents, while a Web Application takes user input

What is the purpose of the Same Origin Policy?

To prevent scripts from accessing data from different origins

What is the primary function of JavaScript in the Client Tier?

To validate user input and dynamically change the interface

What is the main characteristic of HTML?

It is a markup language used to create graphical pages

What is the purpose of the middle tier in a Web Application?

To interact with backend servers and perform business logic

What is the term used to describe the interaction between a script and a website?

Scripting

What is the purpose of URL encoding in Web applications?

To ensure that data is sent in a special format to prevent errors

What does the HTTP status code 1XX represent?

Informational

What is the primary function of the Web Server in a Web Application?

To interact with backend servers and perform business logic

What is the main difference between HTTP GET and POST requests?

GET requests are used for retrieving data, while POST requests are used for sending data

What is the purpose of the HTTP protocol?

To transfer information on intranets and the World Wide Web

What is the primary purpose of the Data Tier in a Web Application?

To store and manage data

What is the HTTP status code range for successful requests?

2XX

What is the purpose of the % symbol in URL encoding?

To indicate the hexadecimal representation of a character

What is the HTTP status code range for redirection?

3XX

What is the purpose of the TRACE request method?

To test or diagnose the request chain

What is a characteristic of HTTP?

It is stateless

What is the purpose of the HEAD request method?

To retrieve header information only

What is the term for managing individual user requests in context?

Session management

What is the purpose of the OPTIONS request method?

To request information about communication options

What is the term for the three tiers of a Web application?

Client, middle, and data