Quiz: Secure Web directories and development

Evaluate your knowledge of Web threats and how to defeat them. Questions cover security risks of dynamically created content and proper security management.

This Content Component encountered an error
By Michael Cobb



1.) Which is the best directory structure for a Web site that includes static and dynamic content?

a. E: \inetpub\wwwroot\mywebsite

b. C: \inetpub\wwwroot\mywebsite

c. E: \inetpub\wwwroot\myserver\scripts
E: \inetpub\wwwroot\myserver\static

d. C: \inetpub\wwwroot\myserver\scripts
C: \inetpub\wwwroot\myserver\static

e. E: \inetpub\wwwroot\myserver\executables
E: \inetpub\wwwroot\myserver\static

Answer


Web Security School

Download the PDF version of the Secure Web directories and development quiz.

Return to Web attack prevention and defense.

Return to Intrusion Defense School.

2.) Which option is not a reason for validating data received from a Web form before processing it?

a. The user might have misspelled their name
b. The user might have entered an invalid date
c. The data may contain malicious code
d. The data may be of the wrong type
e. None of the above

Answer


3.) True or False: Hidden form fields are a safe way to pass sensitive information from one form to another.

Answer


4.) Your Windows IIS Web server has been attacked and you think the hacker has gained access to your database server that contains customer details and orders received via the Internet. What is the first thing you should do?

a. Disconnect all compromised machines from your network
b. Reboot the server and log on as the local administrator
c. Consult your security policy
d. Determine if the Web server is running a network sniffer
e. Create a backup of your system

Answer


5.) Even if your Web server is initially set up in a perfectly secure and pristine state, it will degrade over time. Which factor can speed up this degradation?

a. Using Windows IIS instead of Linux
b. Having a very popular Web site
c. Having a lot of administrators with access to the server
d. Having regular vulnerability assessments
e. Regularly changing the contents of the home page

Answer

Take the final exam

This was first published in June 2005

Dig deeper on Web Server Threats and Countermeasures

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close