Lecture 10: Security

What is Data Sanitisation? (Filtering)
It is the process used to clean data. It's typically used to remove malicious code and other unwanted information from the original data input. For example, special characters, unwanted/malicious code or HTML tags.
1 of 7
What is the first step of the Reflected XSS Process?
Construct a link where malicious code is attached as parameters of a valid URL. http://localhost/text.php?name=malicious+code
2 of 7
What is the second step in the persistent XSS Process?
The server stores the code and displays it as a permanent part of normal pages which can be viewed by other unknowing users.
3 of 7
Which doesn't apply to Email Injection?
An attacker posts a message containing malicious script to a message board.
4 of 7
What isn't SQL Injection?
An attacker posts a message containing malicious script to a message board.
5 of 7
What is Data Validation?
It is a process to check if the data meets certain predefined requirements. For example, password validation (must be 8-12 characters and contain numbers/caps).
6 of 7
Which is not general good practice?
If there seems to be an issue, just turn it on and off again.
7 of 7
