RDBMS Questions and Answers – Application Security

This set of RDBMS Multiple Choice Questions & Answers (MCQs) focuses on “Application Security”.

1. If an attacker manages to get an application to execute an SQL query created by the attacker, such attacks are called _________
a) SQL attacks
b) SQL injection attacks
c) SQL usage attack
d) SQL destroyer attack

Answer: b
Explanation: If an attacker manages to get an application to execute an SQL query created by the attacker, such attacks are called SQL injection attacks.

2. An attack on a website that stores and displays text to a user is known as a ______ attack
a) SQL attack
b) XSS attack
c) XRP attack
d) None of the mentioned

Answer: b
Explanation: An attack on a website that stores and displays text to a user is known as an XSS attack. XSS stands for cross-site scripting.

3. The URL of the page that had the link that the user clicked to access the page is called the _____
a) Source
b) Linker
c) Leaker
d) Referrer

Answer: d
Explanation: The URL of the page that had the link that the user clicked to access the page is called the referrer. The HTTP protocol allows the server to check the referrer.

4. State true or false: Password leakage is a major security problem
a) True
b) False

Answer: a
Explanation: Password leakage is a major security problem because the leaked password grants access to malicious visitors.

5. The system where two independent pieces of data are used to identify a user is called ______
a) Two system authentication
b) ID password authentication
c) Two factor authentication
d) Multi data authentication

Answer: c
Explanation: The system where two independent pieces of data are used to identify a user is called two-factor authentication. The two factors should not share a common vulnerability.

6. What are man-in-the-middle attacks?
a) Users are forced to use a second server which causes the attack
b) Users are forced to divert to a fake site where the attack takes place
c) Users are fooled by similar GUI and data is extracted from them.
d) None of the mentioned

Answer: b
Explanation: Man-in-the-middle attacks are attacks in which the users are forced to divert to a fake site where the attack takes place. The fake site is then used to obtain the data from the user.

7. What are phishing attacks?
a) Users are forced to use a second server which causes the attack
b) Users are forced to divert to a fake site where the attack takes place
c) Users are fooled by similar GUI and data is extracted from them.
d) None of the mentioned

Answer: c
Explanation: Phishing attacks are attacks in which users are fooled by similar GUI and data is extracted from them. The fake site is then used to obtain the data from the user.

8. What is the standard for exchanging authentication and authorization information between two different security domains?
a) SABM
b) STML
c) SPTA
d) SAML

Answer: d
Explanation: SAML (Security Assertion Markup Language) is the standard for exchanging authentication and authorization information between two different security domains. This provides a cross-organization sign-on.

9. A log of all changes to the application data is called an __________
a) Audit trail
b) Audit log
c) Audit lead
d) Data log

Answer: a
Explanation: A log of all changes to the application data is called an audit trail. This helps us maintain security as it tracks all the breaches on the system.

10. Which of the following is a valid encryption technique?
a) Parallel key encryption
b) Public key encryption
c) Systematic key encryption
d) All of the mentioned

Answer: b
Explanation: Out of the given options, only public key encryption is a valid encryption technique. In this, there are two different keys to encrypt the data.

Sanfoundry Global Education & Learning Series – RDBMS.

Manish Bhojasia - Founder & CTO at Sanfoundry
Manish Bhojasia, a technology veteran with 20+ years @ Cisco & Wipro, is Founder and CTO at Sanfoundry. He lives in Bangalore, and focuses on development of Linux Kernel, SAN Technologies, Advanced C, Data Structures & Algorithms. Stay connected with him at LinkedIn.
