Home
My Puzzles
FAQ
Report bug
Collected Puzzles
User listed puzzles
Random Puzzle
Log In/Out

Web site threats

B. Scales

IS308 chapter 7

1     2 3
      4
  5   6               7            
8                    
      9      
      10        
             
  11         12                
             
13                        
      14      
         
15                        
16      
17                      
       
18     19  
    20                
       
21           22  
    23             24
         
  25              
   
 

Across
1.____ injection wil allow the attacker to access, read, delete, and modify the information from a database and even take control of the server on which the database is running.
6.Cross-site _____________ ______________ attack creates links that take the visitor to a malicious destination uniform resource locator.
8.An integer __________ condition exists when an integer, which has not been properly sanity checked, is used in the determination of an offset or size for memory allocation, copying, concatenation, or similarly
11._____________ resource location is can be used to gain information about a company by gaining access into predictiable or default resources or locations.
13.The mail ____________ injection is design to attack mail servers and applications that use IMAP and SMTP protocols.
15.Abuse of _____________ takes advantage of the features of a Web site or a Web application to launch ab attack.
17.Operating system _______________ is an attack aimed at a system's OS.
20.Cross-site __________________ is to obtain browser cookies, security tokens, or any other personal information that can identify the client with the Web site and Web server.
21._____________ of Service attacks are designed to prevent legitimate use of a network service by flooding a network or Web application with more traffic or data than it can handle.
23.____________ detour attacks are a form of man-in-the-middle attacks in which an intermediary attacker re-routes data to an alternate location.
25.A buffer ___________ occurs in an application when more information is stored in the buffer than the space reserved for it.
Down
1.Content ___________ involves creating a fake Web site or Web application and fooling victims into thinking it is a legitimate one.
2._____________ file inclusion attacks commonly attempt to take advantage of weaknesses in the PHP propgramming language.
3.__________ - ________ include injection is an injection attack that ocurs on the server and not on the client system. Malicious code is placed in a Web application, which is stored on the server.
4.A ____________-_________ attack attempts to crack a cryptographic key or password simply by guessing.
5.Path _____________ attacks occur on any server or system where files are stored. The attacker attempts to circumvent acceptable file and directory areas to access files, directories, and data located elsewhere on the server.
7.A _______________ attack is used to gather as much information as possible about a target system, including the operating system used, Web application and version in use.
9.LDAP _______________ is an attack technique that exploits Web sites that allow LDAP statements from supplied input.
10.________ injection may allow an attaqcker to bypass authentication mechanisms and access XML information without proper authorization.
12.____________ or session prediction is an attack that involves impersonating the Web site user and then using the rights and privledges of that user on the site.
14.HTTP ____________ exploits a lack of input sanitization which allows an intruder to insert CR and LF characters into the headers of the application response and to 'split' that answer into two different HTTP messages.
16.HTTP ___________ leverages the different ways that a particularly crafted HTTP message can be parsed and interpreted by different agents (browsers, web caches, application firewalls).
18.____________ attempts to send data which may be acceptable to start, but is malformed to interrupt a query.
19.A session ___________ attack allows an attacker to steal and use a valid user session.
22.______________ strings and buffer overflow attacks share a similarity in that both attacks exploit user input.
24.______ injection attacks take advantage of trusting nature of an XML application.

Use the "Printable HTML" button to get a clean page, in either HTML or PDF, that you can use your browser's print button to print. This page won't have buttons or ads, just your puzzle. The PDF format allows the web site to know how large a printer page is, and the fonts are scaled to fill the page. The PDF takes awhile to generate. Don't panic!




Google
 
Web armoredpenguin.com

Copyright information Privacy information Contact us Blog