Deck 17: Web Components
1
The terms RC4 and 3DES refer to
A) Protocols used by servers to create dynamic websites
B) Encryption algorithms used to encrypt data
C) Protocols used to create directories for web services
D) Classes of XML protocols used for web services
B
2
Which is the most common exploit used to hack into a system?
A) Buffer overflows
B) Birthday attacks
C) Weak key attacks
D) Man-in-the-middle attacks
A
3
A buffer overflow can best be described as
A) A hacker who makes a website that has more content than the browser can handle
B) A hacker who sends more data than is expected in an attempt to overwrite legitimate memory
C) A hacker who uses an e-mail virus to format the hard drive with junk code
D) A hacker who sends repeated requests for information from a server in an attempt to crash the server
B
4
The Open Vulnerability and Assessment Language (OVAL) ___________.
A) Is an XML framework for describing vulnerabilities
B) Is a framework for UDDI data structures to be passed between applications in a language-neutral and platform-independent fashion
C) Is used by web browsers to block harmful java scripts from executing on a system
D) Is used by a web browser to clean cookies and spyware off the system hard drive
5
The SFTP protocol incorporates what into FTP?
A) SSL
B) Secure java scripting
C) 28 bit encryption key
D) the TCP protocol
6
Which of the following in a browser guarantees perfect security?
A) SSL/TLS
B) SSH
C) Secure java scripting
D) There is no guarantee of perfect security.
7
One way a user can feel confident that the code they are downloading is from a legitimate vendor and has not been modified is with the implementation of
A) SSL
B) Authenticode
C) SFTP
D) HTTPS
8
SSMTP uses TCP port
A) 25
B) 110
C) 465
D) 456
9
Common Gateway Interface (CGI) security issues include
A) Poorly configured CGIs can crash when users input unexpected data.
B) CGI can only be programmed in one insecure language.
C) CGI can only perform one process at a time, making it very susceptible to denial of service attacks.
D) CGI will only work with Internet Explorer.
10
Running Java applets from the Web on your system is considered
A) A security risk
B) Not risky
C) Somewhat secure
D) Very secure
11
TCP Ports 989 and 990 are associated with what application?
A) SSL/TLS 3.0
B) SPOP3
C) SFTP
D) FTPS
12
Which is a 100% secure method to download applications from the Internet?
A) Signed applets
B) SSH
C) HTTPS
D) There is none.
13
Which of the following URL segments signifies that it is secure for transmission over the Internet?
A) wwws
B) https
C) shtml
D) aspx
14
ActiveX refers to
A) A collection of APIs, protocols, and programs developed by Microsoft to automatically download and execute code over the Internet
B) A library of security protocols for Microsoft's Internet Explorer
C) A patch to fix a vulnerability that hackers exploit where the user downloads an MP3 file and the buffers of the sound card are overwritten
D) A method of blocking java scripts that come from non-Microsoft web sites
15
Your boss would like you to make company files available to the general public, but does not want you to have to create user accounts for anyone that would want access to the file transfer. In this case you should use
A) FTP
B) Blind FTP
C) SFTP
D) FTPS
16
HTTPS uses TCP port
A) 433
B) 443
C) 344
D) 434
17
Which is more secure?
A) Common Gateway Interface (CGI)
B) Server-side scripting
C) Third-party scripting
D) All are equally secure
18
Which of the following does not enhance the security of the browser?
A) Browser plug-ins
B) Patches
C) Disabling JavaScript
D) Rejecting cookies
19
The protocol that provides a method for the transfer of files, both to and from a server, is
A) Telnet
B) SSH
C) SNMP
D) FTP
20
With the RSA and Diffie-Hellman handshakes
A) The server and the client agree on what type of browser to use.
B) Parameters are agreed upon and certificates and keys are exchanged.
C) Parameters are agreed upon so that java scripts cannot execute inside the client system.
D) Office applications are able to e-mail secure documents.
21
FTP encrypts traffic by default.
22
Buffer overflows, while a dangerous form of code vulnerability, are the least common.
23
_______________ are small application programs that increase a browser's ability to handle new data types and new functionality.
24
CVE provides security personnel with a common language to use when discussing vulnerabilities.
25
Telnet is used to upload and download files.
26
To enable interoperability, the __________ standard was created as a standard for directory services.
27
Inlining is using an embedded control from another site, with or without the other site's permission.
28
_______________ are small chunks of ASCII text passed within an HTTP stream to store data temporarily in a web browser instance.
29
The presence of the keyword "secure" in a cookie indicates that it can only be accessed by the web site that placed it there in the first place.
30
_______________ is the name given to a broad collection of application programming interfaces (APIs), protocols, and programs developed by Microsoft to download and execute code automatically over an internet-based channel.
31
Authenticode is used to encrypt program code so that it is more difficult for hackers to reverse engineer it.
32
Using SSL protects your data from interception by devices such as key loggers.
33
_______________ are pieces of code that can execute within the browser environment.
34
HTTPS uses TCP port 443.
35
_______________ is using an embedded control from another site with or without the other site's permission.
36
_______________ is an application-level protocol that operates over a wide range of lower-level protocols.
37
_______________ was the original method for having a web server execute a program outside the web server process but on the same server.
38
_______________ is a system that uses digital signatures and allows Windows users to determine who produced a specific piece of code and whether or not the code has been altered.
39
HTTP uses TCP port 8080.
40
_______________ is a general-purpose protocol developed by Netscape for managing the encryption of information being transmitted over the internet.
41
Describe the functioning of the SSL/TLS suite.
42
What are some of the security issues associated with web applications and plug-ins?
43
As a network administrator, what are some of the options you have for providing secure file transfer?
44
What are some of the security concerns regarding scripting?
45
What are some security issues related to web-based applications?