A review of various security aspects related to web applications, including cookies, session tokens, timing attacks, and Content Security Policy (CSP). It covers topics such as the correct handling of cookies, the role of session tokens, defenses against timing attacks, and the use of CSP to restrict the sources of content. The document also covers other areas such as TCP/IP security problems, DNSSEC, emulator-based obfuscation, and malware analysis. It is a resource for students and professionals seeking to understand web application security.
Typology: Exams
T/F: An attacker that uses a large botnet to make requests to a server in order to flood it is an example of an amplification attack.
- Correct answer: True

T/F: Unlike UDP, TCP has the necessary safeguards in place to prevent network DoS.
- Correct answer: False

Which of the following actors are part of the cybercrime underground economy?
  Exploit developers
  Botnet masters
  Spammers
  All of the above
- Correct answer: All of the above

Which of the following is/are NOT a potential network DoS mitigation? Select multiple.
  Client puzzles
  CAPTCHAs
  Source identification
  Use only TCP
  Increase UDP 3-way handshake
- Correct answer: CAPTCHAs; Use only TCP; Increase UDP 3-way handshake

T/F: In 2015, GitHub was the victim of a distributed denial-of-service attack. The attackers injected malicious JavaScript code into GitHub's web pages.
- Correct answer: False

T/F: A website "http://gatech.edu" is able to set or overwrite cookies from the website "https://gatech.edu". The server is not able to distinguish the overwritten cookies from the original cookies. This is an example of a violation of session integrity.
- Correct answer: True

Which is INCORRECT regarding the session token?
  Tokens will expire, but there should still be mechanisms to revoke them if necessary
  Token size, like cookie size, is not a concern
  The token must be stored somewhere
  All of them
- Correct answer: Token size, like cookie size, is not a concern

T/F: The HTTPS lock icon on the web page is only displayed after all elements on the web page are fetched using HTTPS, a valid HTTPS certificate is issued by a trusted certificate authority for all elements, and the domain in the URL matches the Common Name or SubjectAlternativeName in the certificate.
- Correct answer: True
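The cookie-overwriting question above is worth seeing in code, because the failure is mechanical rather than subtle: a cookie jar stores cookies by (domain, path, name) and the Secure flag only controls where a cookie is sent, not who may replace it. The following is an added example, not part of the original exam dump. It uses Python's standard-library cookie jar, which behaves like a browser that predates the "Leave Secure Cookies Alone" rule of RFC 6265bis (Chrome 52 and Firefox 52 and later refuse to let an http:// response overwrite a Secure cookie; the __Host- and __Secure- cookie-name prefixes give the server a way to tell the difference). The URLs, the cookie names and the response contents are constructed for the demonstration.

```python
import http.cookiejar
import urllib.request
from email.message import Message


class _FakeResponse:
    """Minimal stand-in for an HTTP response: CookieJar only ever calls .info()."""

    def __init__(self, set_cookie_headers):
        self._headers = Message()
        for value in set_cookie_headers:
            self._headers["Set-Cookie"] = value  # Message appends repeated headers

    def info(self):
        return self._headers


def receive_response(jar, url, set_cookie_headers):
    """Simulate the browser receiving a response for `url` that carries Set-Cookie headers."""
    request = urllib.request.Request(url)
    jar.extract_cookies(_FakeResponse(set_cookie_headers), request)


def cookie_header_for(jar, url):
    """Return the Cookie header the jar would attach to a request for `url` (None if no cookie)."""
    request = urllib.request.Request(url)
    jar.add_cookie_header(request)
    return request.get_header("Cookie")


def overwrite_secure_cookie_over_http():
    """Return (cookie sent over HTTPS before the attack, cookie sent over HTTPS after it)."""
    jar = http.cookiejar.CookieJar()

    # 1. Legitimate login over HTTPS: the server sets a session cookie marked Secure.
    receive_response(jar, "https://gatech.edu/login", ["sid=good; Path=/; Secure"])
    before = cookie_header_for(jar, "https://gatech.edu/account")

    # 2. The victim later loads any http://gatech.edu/ URL. An on-path attacker
    #    answers it with a cookie of the same name and path. No Secure flag is
    #    needed to *set* a cookie over plain HTTP; the jar simply overwrites the
    #    existing (domain, path, name) entry.
    receive_response(jar, "http://gatech.edu/", ["sid=evil; Path=/"])

    # 3. The next HTTPS request carries the attacker's value. The server cannot
    #    tell it apart from the cookie it issued in step 1: session integrity is gone.
    after = cookie_header_for(jar, "https://gatech.edu/account")
    return before, after


if __name__ == "__main__":
    print(overwrite_secure_cookie_over_http())  # ('sid=good', 'sid=evil')
```

The check a practitioner wants from this: Secure stops the cookie from leaking over HTTP (confidentiality), but the server side still needs a cookie it can authenticate, which is why session cookies should be bound to a server-side session record and, in current browsers, named with the __Host- prefix so that an http:// origin cannot set them at all.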
The following question is from the recommended reading "Exposing Private Information by Timing Web Applications". Which of these are valid defenses by web applications to resist timing attacks?
  Adding a random delay to the response
  Both of the answer choices are correct
  Taking a constant amount of time always for processing a request
- Correct answer: Taking a constant amount of time always for processing a request

You are visiting a page that contains two frames: http://example.com and https://example.com. They can access each other's content directly.
- Correct answer: False

T/F: HTTPS encrypts the host address to protect the user's privacy.
- Correct answer: False

T/F: Content Security Policy (CSP) is an HTTP header that instructs the web browser to restrict the sources of content to load or execute. It prevents cross-site scripting, clickjacking, and code injection attacks.
- Correct answer: True

T/F: From the paper "A Look Back at 'Security Problems in the TCP/IP Protocol Suite'", it is safe to rely on the IP source address for authentication.
- Correct answer: False

T/F: In Steve Friedl's tech tips, he recommends that people run patched servers. However, patched servers might still be vulnerable.
- Correct answer: True

Which of these is a TCP security problem?
  Eavesdropping
  Denial of service
  Packet sniffing
  All of the above
- Correct answer: All of the above

T/F: TCP/IP packets are signed and cannot be forged or spoofed by the client.
- Correct answer: False

T/F: Randomizing just the initial sequence number completely prevents an attacker from guessing the right sequence number.
- Correct answer: False

T/F: Address attestation is used to protect BGP from incorrect updates.
- Correct answer: True

T/F: A downside of using DNS pinning as a defense against DNS rebinding attacks is that it makes interaction with VPNs and proxies difficult.
- Correct answer: True
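Why random delay is not a defense but constant-time processing is, as an added example that is not part of the original exam dump. The server's comparison is modelled by a function that returns both the answer and the number of bytes it examined; the attacker only sees that number (plus, in the noisy variant, a random delay) and whether the token was accepted. The token value, the hex alphabet and the attacker loop are constructed for the demonstration; in real code the constant-time comparison is hmac.compare_digest.

```python
import random

ALPHABET = b"0123456789abcdef"  # the token is hex, so 16 candidates per position
DEMO_SECRET = b"3f9a0c7e"       # constructed secret token held by the server


def naive_equal(secret, guess):
    """Early-exit comparison (memcmp, Python ==): returns (equal, bytes_examined).
    The work grows with the length of the matching prefix: that is the timing leak."""
    if len(secret) != len(guess):
        return False, 0
    examined = 0
    for s, g in zip(secret, guess):
        examined += 1
        if s != g:
            return False, examined
    return True, examined


def constant_time_equal(secret, guess):
    """Same answer, but every byte is examined whatever the input, so the cost
    carries no information about where the first mismatch is."""
    if len(secret) != len(guess):
        return False, 0
    diff = 0
    for s, g in zip(secret, guess):
        diff |= s ^ g
    return diff == 0, len(secret)


def recover_token(secret, compare, samples=1, noise=0, seed=0):
    """Attacker model: the server says whether the token was accepted and the
    attacker measures the comparison cost (bytes examined plus, if noise > 0, a
    random delay of 0..noise units). Recover the token byte by byte, keeping at
    each position the candidate with the highest mean cost over `samples` tries.
    Returns the recovered token (wrong if the oracle leaks nothing)."""
    rng = random.Random(seed)
    known = b""
    for pos in range(len(secret)):
        best, best_mean = None, -1.0
        for c in ALPHABET:
            guess = known + bytes([c]) + b"\x00" * (len(secret) - pos - 1)
            accepted, _ = compare(secret, guess)
            if accepted:
                return guess
            total = 0
            for _ in range(samples):
                total += compare(secret, guess)[1] + (rng.randint(0, noise) if noise else 0)
            mean = total / samples
            if mean > best_mean:
                best, best_mean = c, mean
        known += bytes([best])
    return known


if __name__ == "__main__":
    print(recover_token(DEMO_SECRET, naive_equal))                        # leaks: b'3f9a0c7e'
    print(recover_token(DEMO_SECRET, naive_equal, samples=400, noise=5))  # random delay averages out
    print(recover_token(DEMO_SECRET, constant_time_equal))                # no signal: wrong token
```

The random-delay run recovers the token just as reliably as the noiseless one because the delay has the same expected value for every candidate; averaging 400 samples shrinks its variance until the one-byte difference in real work stands out again. Only the constant-time comparison removes the signal rather than hiding it.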
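The CSP question states what the header does; the following added example (not part of the original exam dump) shows how a browser actually evaluates it: the governing directive is looked up, fetch directives fall back to default-src, and each source expression ('self', scheme, host with wildcard, 'none') is matched against the resource URL. It also encodes the rule that 'unsafe-inline' is ignored once a nonce or hash source is present. The policy string, page URL and resource URLs are constructed; path matching and the 'self' rule are simplified compared with the full CSP3 algorithm.

```python
from urllib.parse import urlsplit

# Directives that do NOT fall back to default-src when they are absent.
NO_FALLBACK = {"frame-ancestors", "base-uri", "form-action", "sandbox", "report-uri", "report-to"}
DEFAULT_PORTS = {"http": 80, "https": 443, "ws": 80, "wss": 443}


def parse_csp(header):
    """\"script-src 'self' https://cdn.example; img-src *\" -> {directive: [sources]}"""
    policy = {}
    for directive in header.split(";"):
        tokens = directive.split()
        if tokens:
            policy[tokens[0].lower()] = tokens[1:]
    return policy


def _port(url):
    return url.port if url.port is not None else DEFAULT_PORTS.get(url.scheme)


def _host_source_matches(source, page, url):
    """host-source: [scheme://]host[:port][/path]; host may begin with '*.'."""
    scheme, sep, rest = source.partition("://")
    if not sep:
        scheme, rest = None, source
    hostport, _, path = rest.partition("/")
    host, _, port = hostport.partition(":")
    if scheme:
        if url.scheme != scheme:
            return False
    else:
        # Scheme-less host: the page's scheme, plus https as an upgrade for http pages.
        allowed = {page.scheme, "https"} if page.scheme == "http" else {page.scheme}
        if url.scheme not in allowed:
            return False
    target = (url.hostname or "").lower()
    if host.startswith("*."):
        if not target.endswith(host[1:]):     # '*.cdn.example' matches a.cdn.example, not cdn.example
            return False
    elif target != host:
        return False
    if port and port != "*" and int(port) != _port(url):
        return False
    if path and not url.path.startswith("/" + path):  # simplified prefix match
        return False
    return True


def _source_matches(source, page, url):
    s = source.lower()
    if s == "'none'":
        return False
    if s == "'self'":  # simplified: same scheme, host and port as the page
        return (url.scheme, (url.hostname or "").lower(), _port(url)) == \
               (page.scheme, (page.hostname or "").lower(), _port(page))
    if s == "*":
        return True
    if s.startswith("'"):  # 'unsafe-inline', 'nonce-…', 'sha256-…' never match a URL
        return False
    if s.endswith(":") and "/" not in s:  # scheme-source such as https:
        return url.scheme == s[:-1]
    return _host_source_matches(s, page, url)


def url_allowed(header, directive, page_url, resource_url):
    """Would a browser enforcing `header` on `page_url` load `resource_url` under `directive`?"""
    policy = parse_csp(header)
    sources = policy.get(directive)
    if sources is None and directive not in NO_FALLBACK:
        sources = policy.get("default-src")
    if sources is None:
        return True  # no governing directive: CSP imposes no restriction
    page, url = urlsplit(page_url), urlsplit(resource_url)
    return any(_source_matches(s, page, url) for s in sources)


def inline_script_allowed(header):
    """Inline <script> needs 'unsafe-inline', which browsers ignore once a nonce or hash is listed."""
    policy = parse_csp(header)
    sources = policy.get("script-src", policy.get("default-src"))
    if sources is None:
        return True
    lowered = [s.lower() for s in sources]
    if any(s.startswith("'nonce-") or s.startswith("'sha") for s in lowered):
        return False
    return "'unsafe-inline'" in lowered


# Constructed policy and page for the demonstration.
POLICY = "default-src 'self'; script-src 'self' https://cdn.example *.static.example; img-src *; frame-ancestors 'none'"
PAGE = "https://app.example/index.html"

if __name__ == "__main__":
    for src in ("https://app.example/js/app.js", "https://cdn.example/lib.js",
                "http://cdn.example/lib.js", "https://a.static.example/x.js", "https://evil.example/x.js"):
        print(src, url_allowed(POLICY, "script-src", PAGE, src))
    print("inline:", inline_script_allowed(POLICY))
```

Note that img-src * lets the page load images from anywhere while connect-src, which the policy never mentions, inherits 'self' from default-src; that fallback is the usual surprise when a policy is first deployed, and it is why report-only mode exists.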
What are some of the things to consider when trying to meet the transparency requirement for malware analysis?
  Possible proprietary implementation of security defenses
  Trusting the vendor's security model
  Inadequate support for security investigations
  All of the above
- Correct answer: All of the above

Property-Preserving Encryption (PPE) is popular in cloud computing. Which of the following is the PRIMARY weakness of PPE?
  Extremely inefficient
  Requires major changes to application and database servers
  By design the encryption leaks information
  Does not support SQL queries
- Correct answer: By design the encryption leaks information

T/F: Once data is encrypted and stored in the cloud, it is impossible for the cloud server to perform computation over the encrypted data.
- Correct answer: False

T/F: Frequency analysis can be used to uncover sensitive data without the need for an encryption key.
- Correct answer: True

Which of the following is an issue of oblivious RAM (ORAM)?
  ORAM cannot handle large files (e.g., huge video files)
  To use ORAM, the client must trust the cloud
  Many ORAM protocols consume extra communication bandwidth
  All ORAM protocols are susceptible to frequency analysis attacks (against the access patterns)
- Correct answer: Many ORAM protocols consume extra communication bandwidth

T/F: Infrastructure as a Service (IaaS) provides consumers the ability to create applications using programming languages and tools supported by the provider.
- Correct answer: False

T/F: As hackers are aware of the on-demand security controls provided by cloud providers, cloud providers are not attractive targets for hackers.
- Correct answer: False

Which cloud deployment model is shared by several organizations and supports a specific group that has shared concerns?
  Community
  Private
  Public
  Hybrid
- Correct answer: Community

From the BotHunter paper, which of the following is not a part of BotHunter's detection architecture?
  C-Flow
  SLADE
  SCADE
  Signature engine
- Correct answer: C-Flow

Which of the following ways would be a good method to make detection harder for BotMiner?
  Performing extremely slow scans
  Using legitimate websites as C&C
  Performing tasks days after receiving them, i.e. extremely slowly
  All of the above
- Correct answer: All of the above

According to the "Modeling Botnet Propagation Using Time Zones" paper, "herding" is the process of:
  Updating the DNS entries to point to a new server
  Grouping botnets together to perform the same action on the target
  Making the bots in a P2P network all perform the same task
- Correct answer: Updating the DNS entries to point to a new server

T/F: BotMiner inspects and relies on the content of C&C communication for the successful detection of botnets.
- Correct answer: False

Which of these techniques and tools is used by the BotHunter system as an Intrusion Detection System (IDS)?
  Binary analysis using IDA Pro
  Rule-based malware signature generation using Snort
  Symbolic execution using angr
  Network traffic analysis using Wireshark
- Correct answer: Rule-based malware signature generation using Snort

T/F: Malware is capable of differentiating between honeypots and normal computers.
- Correct answer: True

T/F: Probing the IPv4 address space to understand the adoption of HTTPS certificates is an example of Internet-wide scanning.
- Correct answer: True

T/F: Nmap and ZMap are optimized for very different purposes. Nmap is frequently used for probing a large number of open ports on a small number of hosts, whereas ZMap is optimized to probe a single port across a very large number of targets.
- Correct answer: True

Which of the following is NOT an observation researchers have made regarding Certificate Authorities (CAs)?
  CAs are ignoring foundational principles such as defense in depth and the principle of least privilege
  CAs are offering services that put the ecosystem as a whole at risk
  CAs are failing to recognize cryptographic reality
  Correctly deploying HTTPS is trivial
- Correct answer: Correctly deploying HTTPS is trivial
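The two cloud questions above (PPE leaks by design; frequency analysis needs no key) describe one attack. The following added example, not part of the original exam dump, carries it out: a column is encrypted deterministically (equal plaintexts give equal ciphertexts, which is exactly what lets the database run equality and GROUP BY queries on ciphertext), and an attacker who only sees the ciphertext column and a public prior on the value distribution recovers every cell by matching frequency ranks. The key, the column contents and the "public statistics" are constructed for the demonstration; the deterministic encryption is modelled with an HMAC.

```python
import hashlib
import hmac
from collections import Counter

KEY = b"server-side key the attacker never sees"  # constructed


def det_encrypt(value):
    """Deterministic (PPE-style) encryption: same plaintext -> same ciphertext.
    That property is what makes the cloud database able to run WHERE col = ?
    and GROUP BY col on ciphertext, and it is also the leak."""
    return hmac.new(KEY, value.encode(), hashlib.sha256).hexdigest()[:16]


# Constructed: a patient blood-type column as stored, encrypted, by the cloud DB.
PLAINTEXT_COLUMN = (["O+"] * 38 + ["A+"] * 34 + ["B+"] * 9 + ["O-"] * 7
                    + ["A-"] * 6 + ["AB+"] * 3 + ["B-"] * 2 + ["AB-"] * 1)
ENCRYPTED_COLUMN = [det_encrypt(v) for v in PLAINTEXT_COLUMN]

# Constructed auxiliary knowledge: the attacker's public prior on how often each
# value occurs (think of published population statistics for the same attribute).
PUBLIC_FREQUENCIES = {"O+": 37.4, "A+": 35.7, "B+": 8.5, "O-": 6.6,
                      "A-": 6.3, "AB+": 3.4, "B-": 1.5, "AB-": 0.6}


def frequency_analysis(ciphertexts, prior):
    """Map each ciphertext value to a plaintext value by frequency rank. No key involved:
    the k-th most common ciphertext is assumed to be the k-th most common plaintext."""
    ct_ranked = [c for c, _ in Counter(ciphertexts).most_common()]
    pt_ranked = sorted(prior, key=prior.get, reverse=True)
    return dict(zip(ct_ranked, pt_ranked))


def recover_column(ciphertexts, prior):
    """Decrypt the whole column using only the rank mapping."""
    mapping = frequency_analysis(ciphertexts, prior)
    return [mapping[c] for c in ciphertexts]


def recovery_accuracy(ciphertexts, prior, truth):
    recovered = recover_column(ciphertexts, prior)
    return sum(r == t for r, t in zip(recovered, truth)) / len(truth)


if __name__ == "__main__":
    print(frequency_analysis(ENCRYPTED_COLUMN, PUBLIC_FREQUENCIES))
    print("accuracy:", recovery_accuracy(ENCRYPTED_COLUMN, PUBLIC_FREQUENCIES, PLAINTEXT_COLUMN))
```

The ciphertexts here are unforgeable without the key and yet useless as protection, because the attacker never needs to invert them; randomized (IND-CPA) encryption would make every cell distinct and close this channel, at the price of the equality query the scheme was chosen for. Order-preserving encryption leaks strictly more (the sort order as well as frequencies), which is the trade-off the question calls a weakness "by design".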
PAYL is a very simple anomaly detection system that measures and models the frequency distribution of n-grams in traffic payloads. Which of the following network services cannot be measured and modeled by PAYL?
  HTTP
  Web content
  Email content
  PAYL can be used for all of the services listed
- Correct answer: PAYL can be used for all of the services listed

T/F: A polymorphic attack has no predictable signature for the attack.
- Correct answer: True

T/F: One possible countermeasure to polymorphic blending attacks is to introduce randomness into the IDS model.
- Correct answer: True

T/F: As an ML engineer, you are developing a crawler to scrape the web and collect data to build a social media moderation system. The model trained with this data is only vulnerable to a data poisoning attack if the attacker owns the site you are scraping.
- Correct answer: False

T/F: If we can completely control the process of generating or collecting the training data and ascertain the authenticity and integrity of the dataset, we don't have to worry about data poisoning attacks.
- Correct answer: True

T/F: In clustering, we measure the distance between two examples with either Euclidean or Mahalanobis distance. The distance will be smaller if the two examples are in the same cluster.
- Correct answer: True

T/F: Replicating data and storing copies on multiple servers helps protect the integrity and availability of the data.
- Correct answer: True

T/F: A bad actor would be able to double-spend a Bitcoin if they controlled >50% of the total hashing power maintaining the blockchain.
- Correct answer: True

Consider Shamir's scheme for secret sharing with a setup (k=3, n=5). What is the minimum number of shares an attacker should know in order to recover the secret?
  1
  2
  3
  5
- Correct answer: 3

T/F: If two Merkle trees have the same root hashes, then their data blocks can be considered the same.
- Correct answer: True

Which of the following mechanisms is NOT classified as cold storage for Bitcoin wallets?
  Wallet stored on a mobile phone which is frequently connected to the Internet
  Tamperproof device
  Wallet stored on a device that is locked in a safe
  Paper wallet
- Correct answer: Wallet stored on a mobile phone which is frequently connected to the Internet

  Hot storage should use a different secret key than the cold storage.
  Since hot storage can send coins to cold storage, hot storage can connect with the cold storage across the network.
  Hot storage is offline so it is less risky.
  Only hot storage can receive coins because it is online.
- Correct answer: Hot storage should use a different secret key than the cold storage.

T/F: We can apply fault tolerance techniques directly to achieve attack tolerance by using replicas of a system.
- Correct answer: False

Select all correct method(s) to achieve attack tolerance in a system.
  Using different security protection mechanisms for each instance of the system
  Adding more replicas
  Adopting identical implementations at all levels of the technical stack for all replicas in the system
  None of them
- Correct answer: Using different security protection mechanisms for each instance of the system

Which of the following is not used for scanning in a penetration test?
  Nmap
  John the Ripper
  Icmpenum
  Fping
- Correct answer: John the Ripper

A security company controls two websites, "goodsecurity.com" and "learnhacking.com". A web page from "goodsecurity.com" wants to access content from the server of "learnhacking.com". Which of the following mechanisms can be used by the developers at "learnhacking.com" to allow "goodsecurity.com" to access their content?
  Content Security Policy
  Allow Page Access Policy
  Cross-Origin Resource Sharing
  Same-Origin Policy
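PAYL and the polymorphic blending question above are two sides of one model, so the following added example (not part of the original exam dump) implements both: a 1-gram PAYL model (per-byte mean and standard deviation of the relative byte frequencies, scored with the simplified Mahalanobis distance the PAYL paper uses), a threshold fitted from the training traffic, and a blending step that pads an attack payload until its byte distribution approaches the model's mean. The training requests, the attack payload and the smoothing factor are constructed; in a real blending attack the padding has to sit where the target ignores it and the decoder has to be blended too, which this example does not attempt.

```python
import math

ALPHA = 0.001  # smoothing so a byte never seen in training cannot divide by zero


def byte_frequencies(payload):
    """1-gram model of one payload: relative frequency of each of the 256 byte values."""
    freq = [0.0] * 256
    for b in payload:
        freq[b] += 1.0
    n = len(payload) or 1
    return [f / n for f in freq]


def train(payloads):
    """Per-byte mean and (population) standard deviation over the training payloads."""
    rows = [byte_frequencies(p) for p in payloads]
    n = len(rows)
    mean = [sum(r[i] for r in rows) / n for i in range(256)]
    std = [math.sqrt(sum((r[i] - mean[i]) ** 2 for r in rows) / n) for i in range(256)]
    return mean, std


def score(model, payload):
    """PAYL's simplified Mahalanobis distance: sum |x_i - mean_i| / (std_i + alpha)."""
    mean, std = model
    x = byte_frequencies(payload)
    return sum(abs(x[i] - mean[i]) / (std[i] + ALPHA) for i in range(256))


def fit_threshold(model, payloads, factor=3.0):
    """Threshold from the training data itself: `factor` times the largest training score."""
    return factor * max(score(model, p) for p in payloads)


def blend(attack, model, target_len):
    """Polymorphic blending (simplified): append padding bytes so that the byte
    distribution of the whole payload approaches the model's mean."""
    mean, _ = model
    counts = [0] * 256
    for b in attack:
        counts[b] += 1
    padding = bytearray()
    for i in range(256):
        padding.extend([i] * max(0, round(mean[i] * target_len) - counts[i]))
    return bytes(attack) + bytes(padding)


# Constructed training traffic: plain HTTP requests to one site.
NORMAL = [
    b"GET /index.html HTTP/1.1\r\nHost: www.example.com\r\nUser-Agent: Mozilla/5.0\r\nAccept: text/html\r\n\r\n",
    b"GET /about.html HTTP/1.1\r\nHost: www.example.com\r\nUser-Agent: curl/7.64\r\nAccept: */*\r\n\r\n",
    b"GET /images/logo.png HTTP/1.1\r\nHost: www.example.com\r\nUser-Agent: Mozilla/5.0\r\nAccept: image/png\r\n\r\n",
    b"POST /login HTTP/1.1\r\nHost: www.example.com\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 27\r\n\r\nuser=alice&password=secret1",
    b"GET /news/2015/03/ddos.html HTTP/1.1\r\nHost: www.example.com\r\nUser-Agent: Mozilla/5.0\r\nAccept: text/html\r\n\r\n",
    b"GET /search?q=payl+anomaly HTTP/1.1\r\nHost: www.example.com\r\nUser-Agent: Mozilla/5.0\r\nAccept: text/html\r\n\r\n",
]
HELD_OUT_NORMAL = b"GET /contact.html HTTP/1.1\r\nHost: www.example.com\r\nUser-Agent: Mozilla/5.0\r\nAccept: text/html\r\n\r\n"
# Constructed attack: an HTTP request line followed by binary bytes (NOP sled style
# 0x90 run and high bytes) that never occur in the ASCII training traffic.
ATTACK = b"GET /cgi-bin/ HTTP/1.0\r\n" + b"\x90" * 20 + bytes(range(0xC0, 0xD0)) + b"\xff" * 8 + b"\r\n"

MODEL = train(NORMAL)
THRESHOLD = fit_threshold(MODEL, NORMAL)


def classify(payload, model=MODEL, threshold=THRESHOLD):
    return "alert" if score(model, payload) > threshold else "ok"


if __name__ == "__main__":
    print("threshold", round(THRESHOLD, 1))
    for name, p in (("normal", HELD_OUT_NORMAL), ("attack", ATTACK),
                    ("blended", blend(ATTACK, MODEL, 100 * len(ATTACK)))):
        print(name, round(score(MODEL, p), 1), classify(p))
```

The blended payload slips under the same threshold that the raw attack exceeds by an order of magnitude, which is the evasion the quiz refers to; the countermeasure it mentions (randomizing the model, for example by scoring a secret random partition of the payload or a random subset of n-gram positions) works because the attacker can no longer compute which distribution to blend towards.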
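The Shamir question is answered by a property of polynomials, and the following added example (not part of the original exam dump) shows it with the (k=3, n=5) parameters of the question: shares are points on a random quadratic whose constant term is the secret, any 3 of the 5 shares interpolate the secret back, and 2 shares are consistent with every possible secret, so they carry no information. The field prime, the demonstration secret and the function names are chosen for this example; the seed parameter exists only to make the demonstration reproducible and must not be used in real code.

```python
import random
import secrets
from itertools import combinations

PRIME = 2**127 - 1  # Mersenne prime; all arithmetic is in GF(PRIME), so the secret must be < PRIME


def _eval_poly(coeffs, x):
    """Horner's rule; coeffs[0] is the constant term."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % PRIME
    return acc


def split_secret(secret, k, n, rng=None):
    """Return n shares (x, f(x)) of a random degree k-1 polynomial with f(0) = secret.
    rng is a hook for reproducible tests; real use keeps secrets.SystemRandom."""
    assert 0 <= secret < PRIME and 1 <= k <= n < PRIME
    rng = rng or secrets.SystemRandom()
    coeffs = [secret] + [rng.randrange(PRIME) for _ in range(k - 1)]
    return [(x, _eval_poly(coeffs, x)) for x in range(1, n + 1)]


def _interpolate(points, at):
    """Lagrange interpolation of the unique polynomial through `points`, evaluated at `at`."""
    result = 0
    for i, (xi, yi) in enumerate(points):
        num, den = 1, 1
        for j, (xj, _) in enumerate(points):
            if i != j:
                num = num * (at - xj) % PRIME
                den = den * (xi - xj) % PRIME
        result = (result + yi * num * pow(den, -1, PRIME)) % PRIME
    return result


def recover_secret(shares):
    """f(0) from any k shares; with fewer than k shares this returns a meaningless value."""
    return _interpolate(shares, 0)


def implied_share(two_shares, candidate_secret, x):
    """With only 2 of the 3 needed shares, every candidate secret is consistent:
    there is always a quadratic through (0, candidate) and the two known points.
    Returns the value that quadratic would give for the share at `x`."""
    return _interpolate([(0, candidate_secret)] + list(two_shares), x)


def demo(seed=None):
    """Returns (secret, all 3-subsets recover it, value from only 2 shares)."""
    secret = int.from_bytes(b"demo secret key", "big")  # constructed 15-byte secret, < PRIME
    rng = random.Random(seed) if seed is not None else None
    shares = split_secret(secret, 3, 5, rng)
    every_triple_works = all(recover_secret(list(c)) == secret for c in combinations(shares, 3))
    return secret, every_triple_works, recover_secret(shares[:2]), shares


if __name__ == "__main__":
    secret, ok, from_two, shares = demo()
    print("all 10 triples recover the secret:", ok)
    print("2 shares give the secret:", from_two == secret)
    # Two shares plus a wrong guess for the secret still predict a perfectly valid third share.
    print(implied_share(shares[:2], secret, 3) == shares[2][1], implied_share(shares[:2], 12345, 3) == shares[2][1])
```

The minimum therefore is exactly k = 3: two shares pin down nothing about f(0), while any three shares pin down the polynomial completely, which also means the attacker gains nothing from knowing 2 shares plus the structure of the scheme.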
  Allow repairmen and visitors to walk around the office or sensitive areas without an escort.
  Never disclose passwords.
  Question people you don't know.
- Correct answer: Allow repairmen and visitors to walk around the office or sensitive areas without an escort.
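For the Merkle tree question above (same root hash, same data blocks), the following added example, not part of the original exam dump, builds the tree, shows that the root changes when any block changes, and produces and verifies an inclusion proof, which is the operation that makes the root useful in the first place. Leaf and inner hashes get distinct prefix bytes (the RFC 6962 convention) so that an inner node cannot be passed off as a leaf; the "same root, same blocks" conclusion rests on the collision resistance of the hash function, not on anything in the tree structure. The blocks and the odd-leaf promotion rule are constructed for the demonstration.

```python
import hashlib


def _leaf(block):
    return hashlib.sha256(b"\x00" + block).digest()


def _node(left, right):
    return hashlib.sha256(b"\x01" + left + right).digest()


def _build_levels(blocks):
    """All levels of the tree, leaves first. A node without a sibling is promoted unchanged
    (unlike Bitcoin, which duplicates it and thereby admits two block lists with one root)."""
    if not blocks:
        raise ValueError("empty tree")
    levels = [[_leaf(b) for b in blocks]]
    while len(levels[-1]) > 1:
        cur = levels[-1]
        levels.append([_node(cur[i], cur[i + 1]) if i + 1 < len(cur) else cur[i]
                       for i in range(0, len(cur), 2)])
    return levels


def merkle_root(blocks):
    return _build_levels(blocks)[-1][0]


def inclusion_proof(blocks, index):
    """Sibling hashes from the leaf up, each tagged with whether it sits on the left."""
    levels = _build_levels(blocks)
    proof = []
    for level in levels[:-1]:
        sibling = index ^ 1
        if sibling < len(level):
            proof.append((level[sibling], sibling < index))
        index //= 2
    return proof


def verify_inclusion(root, block, proof):
    """Recompute the path from `block` to the root using only the proof; True if it matches."""
    h = _leaf(block)
    for sibling, sibling_is_left in proof:
        h = _node(sibling, h) if sibling_is_left else _node(h, sibling)
    return h == root


# Constructed data blocks (five, so one level has an odd node).
BLOCKS = [b"block-0", b"block-1", b"block-2", b"block-3", b"block-4"]
TAMPERED = [b"block-0", b"block-1", b"block-2", b"block-3", b"block-X"]

if __name__ == "__main__":
    root = merkle_root(BLOCKS)
    print(root.hex())
    print("same blocks, same root:", root == merkle_root(list(BLOCKS)))
    print("one byte changed:", root == merkle_root(TAMPERED))
    proof = inclusion_proof(BLOCKS, 1)
    print("proof for block 1 verifies:", verify_inclusion(root, BLOCKS[1], proof))
    print("proof rejects a substituted block:", verify_inclusion(root, b"block-X", proof))
```

A client that stores only the 32-byte root can therefore check any block a cloud server returns against a log-sized proof; the replication question above gains integrity from the same idea, since replicas can compare roots instead of whole data sets.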