9.1 Web Applications

A programmer that fails to check the length of input before processing leaves his code vulnerable to what form of common attack?

As you browse the Internet, you notice that when you go to some sites, multiple additional windows are opened automatically. Many of these windows contain advertisements for products that are inappropriate for your family to view.

Which type of attack is the act of exploiting a software program's free acceptance of input in order to execute arbitrary code on a target?

Which of the following methods should you use to prevent SQL injection attacks?

What type of attack has occurred?

Having poor software development practices and failing to program input validation checks during development of custom software can result in a system vulnerable to which type of attack?

Which of the following are subject to SQL injection attacks?

Which of the following is an attack that injects malicious scripts into Web pages to redirect users to fake websites or gather personal information?

You want to prevent your browser from running JavaScript commands that are potentially harmful. Which of the following would you restrict to accomplish this?

Which of the following attacks is a form of software exploitation that transmits or submits a longer stream of data than the input variable is designed to handle?

An attacker is able to insert database commands in the input fields and have those commands execute on the server. Which type of attack has occurred?

What is the most common attack waged against Web servers?