This set of RDBMS Multiple Choice Questions & Answers (MCQs) focuses on “Application Security”.
1. If an attacker manages to get an application to execute an SQL query created by the attacker, then such attacks are called as _________
a) SQL attacks
b) SQL injection attacks
c) SQL usage attack
d) SQL destroyer attack
View Answer
Explanation: If an attacker manages to get an application to execute an SQL query created by the attacker, then such attacks are called as SQL injection attacks.
2. An attack on a website that stores and displays text to a user is known as ______ attack
a) SQL attack
b) XSS attack
c) XRP attack
d) None of the mentioned
View Answer
Explanation: An attack on a website that stores and displays text to a user is known as XSS attack. It is called as cross site scripting attack.
3. The URL of the page that had the link that the user clicked to access the page is called as _____
a) Source
b) Linker
c) Leaker
d) Referrer
View Answer
Explanation: The URL of the page that had the link that the user clicked to access the page is called as referrer. The HTTP protocol allows the server to check the referrer.
4. State true or false: Password leakage is a major security problem
a) True
b) False
View Answer
Explanation: Password leakage is a major security problem because the leaked password grants access to malicious visitors.
5. The system where two independent pieces of data are used to identify a user is called as ______
a) Two system authentication
b) ID password authentication
c) Two factor authentication
d) Multi data authentication
View Answer
Explanation: The system where two independent pieces of data are used to identify a user is called as two-factor authentication. The two factors should not share a common vulnerability.
6. What are man in the middle attacks?
a) Users are forced to use a second server which causes the attack
b) Users are forced to divert to a fake site where the attack takes place
c) Users are fooled by similar GUI and data is extracted from them.
d) None of the mentioned
View Answer
Explanation: Man in the middle attacks are those attacks in which the users are forced to divert to a fake site where the attack takes place. The fake site is then used to obtain the data from the user.
7. What are phishing attacks?
a) Users are forced to use a second server which causes the attack
b) Users are forced to divert to a fake site where the attack takes place
c) Users are fooled by similar GUI and data is extracted from them.
d) None of the mentioned
View Answer
Explanation: Phishing attacks are those attacks in which users are fooled by similar GUI and data is extracted from them. The fake site is then used to obtain the data from the user.
8. What is the standard for exchanging authentication and authorization information between two different security domains?
a) SABM
b) STML
c) SPTA
d) SAML
View Answer
Explanation: SAML (Security assertion Markup Language) is the standard for exchanging authentication and authorization information between two different security domains. This provides a cross-organization sign-on.
9. A log of all changes to the application data is called as __________
a) Audit trail
b) Audit log
c) Audit lead
d) Data log
View Answer
Explanation: A log of all changes to the application data is called as audit trail. This helps us maintain security as it tracks all the breaches on the system.
10. Which of the following is a valid encryption technique?
a) Parallel key encryption
b) Public key encryption
c) Systematic key encryption
d) All of the mentioned
View Answer
Explanation: Out of the given options, only public key encryption is a valid approach to an encryption technique. In this, there are two different keys to encrypt the data.
Sanfoundry Global Education & Learning Series – RDBMS.
To practice all areas of RDBMS, here is complete set of 1000+ Multiple Choice Questions and Answers.
- Apply for Computer Science Internship
- Check Computer Science Books
- Practice Computer Science MCQs
- Check RDBMS Books
