Web Security: Trusted vs Untrusted Data

Questions and Answers

Which of the following is considered trusted data?

• Data that has passed through correct validation (correct)
• Data from an external database
• Form inputs from a web browser
• URL parameters

Which type of data is not trusted by a system?

• Code that you have written directly into the program
• Data that has passed through correct validation
• Program code
• Anything from $_GET (correct)

What does input sanitisation primarily focus on?

• Validating the length of the input
• Ensuring the data is a valid email address
• Checking if the data is in the expected format
• Removing or escaping unwanted characters (correct)

What is the primary purpose of input validation?

To check if the data meets the expected format and criteria (D)

What is a key characteristic of input validation?

It does not alter the data. (B)

Which of the following is a potential consequence of mixing untrusted data with SQL code?

SQL injection vulnerability (B)

Which of these is an example of untrusted data?

Data from $_POST (D)

What is the primary risk associated with using variables directly in SQL code?

Introduction of untrusted data (C)

What security vulnerability involves injecting malicious SQL code through user input?

SQL injection (A)

Which action is characteristic of input sanitisation?

Removing or escaping unwanted characters (B)

What is the term for data originating from outside the system that is not trusted?

Untrusted data (B)

What is the recommended approach to ensure SQL code safety?

Ensure SQL code consists of trusted data only (C)

Which of the following describes the main purpose of data filtering?

To assess whether the data is what we anticipate and is correctly formatted (A)

Given that the user enters a phone number into a form that requires an email address, which security measure is designed to recognize this discrepancy and respond appropriately?

Input validation (B)

If <> characters are converted into their corresponding HTML entity format, which type of security measure is being applied?

Input Sanitisation (A)

For a login page with username: 'student', password: 'password', which of the following is untrusted?

The username and password entered by the user (B)

In the context of web security, what does 'code injection' refer to?

The process of injecting malicious code into a system to alter its operation (B)

Why is it necessary to differentiate between trusted and untrusted data?

To mitigate security risks and prevent vulnerabilities like SQL injection and XSS (C)

Which of the following data filtering methods could lead to an error message if the incorrect data is entered?

Input validation (C)

Why should SQL code always consist of trusted data?

To avoid SQL injection vulnerabilities (A)

What is the main difference between input sanitisation and input validation?

Input sanitisation removes unwanted characters, while input validation checks if the data is correct. (D)

In the context of web security, what is the purpose of escaping characters?

To protect against cross-site scripting (XSS) attacks (B)

What is the potential outcome of not validating user input in a web application?

Vulnerability to attacks like SQL injection and cross-site scripting (XSS) (B)

Why is it important to sanitise data that will be displayed on a web page?

To prevent cross-site scripting (XSS) attacks (D)

Which of the following best describes the term 'untrusted data' in the context of web security?

Data that originates from external sources and cannot be relied upon (A)

How does using prepared statements help prevent SQL injection attacks?

By treating user input as data rather than executable code (A)

What is the primary goal of a cross-site scripting (XSS) attack?

To execute malicious scripts in the victim's web browser (C)

Which of the following is a common technique for sanitising HTML input to prevent XSS attacks?

Encoding special characters like < and > as HTML entities (C)

What type of untrusted data is typically acquired via $_COOKIE?

Cookies stored in the user's browser (C)

In the context of web security, which type of attack involves injecting malicious code into a database query?

SQL injection (D)

Which of the following is a key aspect of secure coding practices to prevent web vulnerabilities?

Treating all user input as untrusted data and validating/sanitising it (C)

What is the potential consequence of allowing users to upload arbitrary files to a web server without proper validation?

Vulnerability to malicious file execution and server compromise (B)

In the context of web security, what is 'output encoding' primarily used for?

To prevent the execution of malicious code in the user's browser (A)

Let's say a website requires users provide contact details; what potential security risk arises if a user enters JavaScript code into the 'Contact Name' form to trigger a popup?

It suggests vulnerability to Cross-Site Scripting (XSS) (C)

What measure can be implemented to mitigate the risk of a user entering JavaScript code into a 'Contact Name' form?

Apply input sanitization and validation (D)

Which of these is a tool or technique used to prevent SQL injection attacks?

Using prepared statements with parameterized queries (D)

What is a good way to ensure that the data stored in a database remains secure and not vulnerable to tampering?

The method to use depends on the specific database itself (C)

To help improve web security, what is a good practice?

Ensure that your system implements the latest security updates. (B)

What is the name of the process in which angle brackets (< and >) are encoded as HTML entities?

Input sanitisation (B)

Which of the following is a method of data filtering?

Input Sanitisation (C)

What action could be described as input sanitisation?

Removing or escaping unwanted characters (C)

Which of the following is an example of untrusted data?

Values obtained from $_GET (B)

What is the main purpose of input validation?

To check if the user's input is in the expected format (D)

Flashcards

Trusted Data

Data that the system trusts, including program code and data that has passed through correct validation.

Untrusted Data

Data the system doesn't trust, including external data, web browser inputs, and data from $_GET, $_POST, or $_COOKIE.

Input Sanitisation

Removing or escaping unwanted characters from input, often by quoting characters and HTML tags.

Input Validation

Checking if user input matches expected format and values, resulting in an error message if invalid.

SQL Injection

A type of code injection vulnerability where untrusted data is inserted into SQL queries, potentially allowing attackers to manipulate the database.

Study Notes

• Web security focuses on computer security issues within web development.
• SQL injection and cross-site scripting are code injection forms and common web vulnerabilities.

Trusted Data

• Data that the system trusts.
• Includes the program code itself.
• Includes data that has undergone correct validation.

Untrusted Data

• Data that the system does not trust.
• Includes data originating from outside the system.
• Includes data from external databases.
• Includes anything from a web browser, such as form inputs or URL parameters.
• Includes anything from $_GET, $_POST, or $_COOKIE.

Data Filtering: Input Sanitisation

• Removes or escapes unwanted characters.
• Usually involves quoting characters and HTML tags.
• Converts angle brackets into their HTML entity format for HTML.
• Does not verify if the data is correct.
• For email addresses, it removes inappropriate characters but does not check if the email is valid.

Data Filtering: Input Validation

• Checks user input to make sure it is formatted correctly and is of the expected type.
• Asks if the data being entered in the correct format
• Returns an error message if validation fails, does not alter the data.

SQL Injection

• Variables should not be directly inserted into SQL code, as SQL code should consist of trusted data only.
• Mixing variables in SQL code can introduce untrusted data.