Home > Quiz: Could you detect an application attack?
Security Quiz:
EMAIL THIS

Quiz: Could you detect an application attack?

10 Jul 2006 | SearchSecurity.com

Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   

More Information

Learn how to improve application layer logging techniques

Download Application logging is critical in detecting hack attacks, and listen to this tip on your MP3 player.

As application layer attacks continue to rise, information security practitioners should use logging techniques to protect their application servers. Take this five-question quiz to test your application security awareness, review common application attacks and learn how to improve application layer logging to detect and protect against these attacks.

1. Which of the following attacks is said to have arisen because the C programming language supplied the framework and poor programming practices supplied the vulnerability?
a. SQL injection
b. Buffer overflow
c. Cross-site scripting
d. SYN flood
Answer

2. Which of the following protocols can be used to ensure consistency in logging across applications, platforms and devices, governs network management, and monitors network devices and their functions?
a. EGP
b. IGP
c. RIP
d. SNMP
Answer

3. Which of the following statements about application logging is false?
a. Application logging can provide you with critical information in the event of a security incident.
b. Proactive monitoring will provide you with the ability to detect events in near real-time.
c. Reactive monitoring will offer invaluable assistance to forensic investigators.
d. It's difficult to start.
Answer

4. Which attack uses a multitude of compromised systems to send a flood of incoming messages to the target system to shut it down?
a. Denial-of-service attack
b. SYN flood attack
c. Distributed denial-of-service attack
d. None of the above
Answer

5. To improve the overall quality of Web applications, developers should abide by which of the following rules?
a. Trust user supplied data.
b. Clean and validate all user input.
c. Use GET instead of POST.
d. Allow the use of HIDDEN form fields.
Answer

BROWSE BY TAG
Application and Platform Security,   Web Security Tools and Best Practices,   Web Application Security,   Securing Productivity Applications,   VIEW ALL TAGS

Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   



RELATED CONTENT
Web Application Security
Black box and white box testing: Which is best?
InZero Systems launches hardware-based security gateway
Web application vulnerability assessment shows patching progress
Preventing SQL injection attacks: A network admin's perspective
Cisco acquires SaaS security vendor ScanSafe
Web application firewall use goes beyond compliance, company finds
Gumblar Trojan drive-by exploits spike following Adobe update
Some Facebook applications lead to Russian attack sites
Barracuda acquires Purewire expanding Web security reach
An enterprise strategy for Web application security threats

Securing Productivity Applications
Quiz: How to build secure applications
How to detect software tampering
Adobe fixes 29 flaws in Acrobat, Reader
Adobe warns of critical update for Reader, Acrobat 9.1.3
Why should we place data files on a separate partition than the OS?
Adobe updates ColdFusion, JRun, Flex
Serious Adobe Flash flaw being exploited
Adobe acknowledges serious Flash zero-day vulnerability
Adobe issues security advisory for Flash zero-day flaw
When to use the service features of the Metasploit hacking tool

RELATED GLOSSARY TERMS
Terms from Whatis.com − the technology online dictionary
anonymous Web surfing  (SearchSecurity.com)
buffer overflow  (SearchSecurity.com)
cache cramming  (SearchSecurity.com)
cookie poisoning  (SearchSecurity.com)
dictionary attack  (SearchSecurity.com)
distributed denial-of-service attack  (SearchSecurity.com)
JavaScript hijacking  (SearchSecurity.com)
National Computer Security Center  (SearchSecurity.com)
threat modeling  (SearchSecurity.com)
trigraph  (SearchSecurity.com)

RELATED RESOURCES
2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems
Search Bitpipe.com for the latest white papers and business webcasts
Whatis.com, the online computer dictionary




Search Additional Security Research and Solutions
TechTarget Security Media
Information Security View this month\\'s issue and subscribe today.
Information Security Decisions Apply online for free conference admission.
SearchSecurity.com
HomeNewsMagazineMultimediaWhite PapersLearningAdviceTopicsEventsAbout Us

About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.

TechTarget Corporate Web Site  |  Media Kits  |  Site Map




All Rights Reserved, Copyright 2003 - 2009, TechTarget | Read our Privacy Policy
  TechTarget - The IT Media ROI Experts