Week 13: Web Attacks

 

This week's online activity is about attacks that target Web Applications

 

1.     From the Lynda.com course Foundations of Programming: Web Security, watch the videos of Chapter 4 "The Most Common Attacks" at the following URL

http://www.lynda.com/Developer-Web-Development-tutorials/Cross-site-scripting-XSS/133330/163855-4.html

 

Check your understanding of these new concepts with this online Blackboard Quiz 

Question 1
In the Context of Web Application Attacks, Cross-Site Scripting (XXS) is a technique where
	A user tricks a server into running a script that was only tested on a different server	
	A user writes a script intended to be run by another user's web browser (correct)	
	A user writes a script intended to be run by a website's administrator
	A user writes a script intended to be run by another user's web server

Question 2
SQL Injection is an attack on a server based application where an attacker
	bypasses the application to interact with the RDBMS directly	
	uses stored procedures to steal information from the database	
	places SQL code artifacts into client input fields (correct)	
	steals a database userid and password from an application	
	inserts a back door into an RDBMS

Question 3
In the Context of Web Application Attacks, Cross-Site Scripting (XXS) is a technique where
	A user tricks a server into running a script that was only tested on a different server
	A user writes a script intended to be run by another user's web server
	A user writes a script intended to be run by a website's administrator
	A user writes a script intended to be run by another user's web browser (correct)