Web Sec Quiz-Cat-309 PDF

Question Details of Subject :QUIZ-CAT-309
Page 1 of 37
Unit Code Group 1 Group 2 Group 3 Unit Wise Total Total Questions : 155
1 49 0 0 49
2 0 47 2 49
3 1 3 53 57
Group Wise Total 50 50 55
QNo Question Id Question Description

1 1376741
Unit : 1, Group : 1
In the right setting a thief will steal your information by simply watching what
you type.
1.snagging
2.spying
3.shoulder surfing (Right)
4.
2 1376742
Unit : 1, Group : 1
A __________ is a small program embedded inside of a GIF image.
1.web bug (Right)

2. cookie
3. spyware application
4.
3 1376749
Unit : 1, Group : 1
A hacker that changes or forges information in an electronic resource, is engaging in __________.
1. data diddling (Right)

2.sniffing
3.denial of service
4.
Note: This view may vary from the view shown to student during online Test.
University Information System - By - ERP Division Thursday, November 14, 2019 2:34:29 AM
Page 2 of 37
4 1376751
Unit : 1, Group : 1
Hackers often gain entry to a network be pretending to be at a legitimate computer.
1. spoofing
2. forging
3. IP spoofing (Right)
4.
5 1376758
Unit : 1, Group : 1
SQL injection is an attack in which _________ code is inserted into strings that are later passed to
an
instance of SQL Server.
1.malicious (Right)
2.redundant
3. clean
4.
6 1376759
Point out the correct statement :
Unit : 1, Group : 1
1.Parameterized data cannot be manipulated by a skilled and determined attacker

2.Procedure that constructs SQL statements should be reviewed for injection vulnerabilities (Right)
3.The primary form of SQL injection consists of indirect insertion of code
4.
7 1376760
Any user-controlled parameter that gets processed by the application includes vulnerabilities like :
Unit : 1, Group : 1
1.Host-related information
2.Browser-related information
3.Application parameters included as part of the body of a POST request
4.All of the mentioned (Right)
Page 3 of 37
8 1376768 What are two primary types of XSS vulnerabilities?
Unit : 1, Group : 1 1.Reflected and Stored (Right)

2. Denial-of-Service and Sniffer
3. Identity Spoofying and Password-Based
4.
9 1378086
Unit : 1, Group : 1
One common strategy to prevent XSS vulnerabilities is to:
1.Educate your users to recognize safe vs. unsafe web pages.

2.Escape user's input is valid as soon as possible (Right)
3.Avoid using JavaScript in your site.
4.
10 1378088
Unit : 1, Group : 1
If a site has an unusually short session timeout (e.g.: 2 minutes) and has an unusually large Logout
button on the top of every page, one might assume that the site is trying to prevent what type of
attack?
1.Cross-Site Request Forgery (CSRF)

2.Cross-Site Scripting (XSS)
3.Session Management (Right)
4.
11 1378089
Unit : 1, Group : 1
In what type of attack does an intruder manipulate a URL in such a way that the Web server
executes or reveals the contents of a file anywhere on the server, including those lying
outside the document root directory?
1.cross-site scripting
2.command injection
3.path traversal attacks (Right)
4.
Page 4 of 37
12 1378096
Unit : 1, Group : 1
In which of the following exploits does an attacker insert malicious coding into a link that
appears to be from a trustworthy source?
1.cross-site scripting (Right)

2.command injection
3.path traversal attack
4.
13 1378097
Unit : 1, Group : 1
_________ is an attack which forces an end user to execute unwanted actions on a web application
in which he/she is currently authenticated.
1.Two-factor authentication
2.Cross-site request forgery (Right)
3.Cross-site scripting
4.
14 1378102
Unit : 1, Group : 1
Even with two-factor authentication, users may still be vulnerable to_____________attack.
1.Radiant
2.Cross attack
3.Man-in-the-middle (Right)
4.
15 1378103
Unit : 1, Group : 1
A single ______________ further allows the user to be authenticated once, and multiple applications
can then verify the user¶s identity through an authentication service without requiring
reauthentication.
1.OpenID
2.Sign-on system (Right)
3.security Assertion Markup Language (SAML)
4.
Page 5 of 37
16 1378890
Unit : 1, Group : 1
Applications that create queries dynamically, can be considered as a risk source of
1.Active attacks
2.Passive attacks
3.Injection (Right)
4.
17 1390849
Unit : 1, Group : 1
How does an antivirus of today identify viruses ?
1.Previously known patterns (Right)

2.It can detect unknown patterns
3.It can take high priority to increase scanning speed
4.
18 1390856
Unit : 1, Group : 1
What is are two safe computing practices ?
1. Not to open software from unknown vendors (Right)

2.Open and execute programs in admin level/root
3.Open and execute programs in presence of antivirus
4.
19 1412464
Unit : 1, Group : 1
What are the types of scanning?
1.Network, vulnerability, and port (Right)

2.Port, network, and services
3.Passive, active, and interactive
4.
Page 6 of 37
20 1412472
Unit : 1, Group : 1
What is the best statement for taking advantage of a weakness in the security of an IT system?
1.Threat
2.Attack
3.Exploit (Right)
4.
21 1413240
Unit : 1, Group : 1
Which object can help you maintain data across users?
1.Application object (Right)

2. Session object
3.Response object
4.
22 1413242
Unit : 1, Group : 1
Which of the following ASP.NET object encapsulates the state of the client?
1.Session object (Right)

2. Application object
3.Response object
4.
23 1413251
Unit : 1, Group : 1
An attempt to make a computer resource unavailable to its intended users is called
1.denial-of-service attack (Right)

2.virus attack
3.worms attack
4.
Page 7 of 37
24 1413252
Unit : 1, Group : 1
Extensible authentication protocol is authentication framework frequently used in
1.wireless networks (Right)

2. wired local area network
3.wired personal area network

4.
25 1413258
Unit : 1, Group : 1
Keyloggers are a form of ______________.
1.Spyware (Right)
2.Shoulder surfing
3.Trojan
4.
26 1413259
Unit : 1, Group : 1
Services running on a system are determined by _____________.
1.The Active Directory

2.The system¶s network name
3.The port assigned (Right)
4.
27 1376736
Unit : 1, Group : 1
Which of the following security principles ensures that unauthorized individuals are restricted from
viewing data to which they are not entitled?
1.Authentication
2.Confidentiality
(Right)
3.Integrity
4.Nonrepudiation
Page 8 of 37
28 1376739
Unit : 1, Group : 1
A __________ is anything that can cause harm.
1.vulnerability
2.phish
3.threat (Right)
4.spoof
29 1376744
Unit : 1, Group : 1
A hacker contacts you my phone or email and attempts to acquire your password.
1.spoofing
2. phishing (Right)
3.spamming
4.
30 1376746
Unit : 1, Group : 1
The phrase __________ describes viruses, worms, Trojan horse attack applets, and attack scripts.
1.malware (Right)
2.spam
3.phish
4.
31 1376753
Unit : 1, Group : 1
The __________ of a threat measures its potential impact on a system.
1.countermeasures
2.degree of harm (Right)
3.vulnerabilities
4.
32 1376756
Unit : 1, Group : 1
In Hyper Text Transfer Protocol (HTTP), a client can directly connect to a server using
1.Web-based connection
2.Domain (Right)
3.TELNET
4.
Page 9 of 37
33 1376761
_______________ is time based SQL injection attack.
Unit : 1, Group : 1
1.Quick detection
2.Initial Exploitation
3.Blind SQL Injection (Right)
4.
34 1376763
Unit : 1, Group : 1
Cross Site Scripting is a vulnerability in web application that allows an attacker to inject _____ and
_____ code into a web page.
1.HTML and Javascript (Right)

2. C and C++
3.JAVA AND PERL
4.
35 1378084
Unit : 1, Group : 1
One operation that frequently has cross-site scripting (XSS) vulnerabilities is .
1.user visits a site's homepage.

2.site prompts the user for their user name and password.
3.A site produces an error message for an invalid user name.
(Right)
4.
36 1378092
Unit : 1, Group : 1
Which of the following is true of improper error handling?
1.Attackers can use error messages to extract specific information from a system.
2.Unexpected errors can provide an attacker with a buffer or stack overflow condition that sets the stage for an arbitrary code execution.
3.attackers can use unexpected errors to knock an application off line, creating a denial-of-service attack.
4.All of the above. (Right)
Page 10 of 37
37 1378093
Unit : 1, Group : 1
Which of the following is NOT recommended for securing Web applications against
authenticated users?
1.Client-side data validation (Right)

2.Filtering data with a default deny regular expression
3.Running the application under least privileges necessary
4.
38 1378099
Unit : 1, Group : 1
Many applications use _________________, where two independent factors are used to identify a
user.
1.Two-factor authentication (Right)

2.Cross-site request forgery
3. Cross-site scripting
4.
39 1378106
Unit : 1, Group : 1
What is the cost of carrying out an application DoS attack on an average website
1.$5,000
2.$200 (Right)
3.$500
4.
40 1378107
Unit : 1, Group : 1
The term that is considered as a basis for most robust authentication schemes, is said to be
1.Identification
2.Registration
3.Encryption (Right)
4.
41 1390851
Unit : 1, Group : 1
What is known as sandbox ?
1.It is a special mode of antivirus

2.It is program that is controlled or emulated section of OS (Right)
3. It is a program which can be molded to do desired task
4.
Page 11 of 37
42 1390860
This two-level scheme for authenticating network users functions as part of the Web's Hypertext Transfer Protocol.
Unit : 1, Group : 1
1.SSL (Right)
2.LUHN formula
3. IPSec
4.
43 1412468
Unit : 1, Group : 1
Enumeration is part of what phase of ethical hacking?
1.Reconnaissance
2.Maintaining Access
3.Gaining Access (Right)
4.
44 1412470
Unit : 1, Group : 1
What are hybrid attacks?
1.An attempt to crack passwords using words that can be found in dictionary.
2.An attempt to crack passwords by replacing characters of a dictionary word with numbers and symbols. (Right)
3.An attempt to crack passwords using a combination of characters, numbers, and symbols.
4.
45 1413236
Unit : 1, Group : 1
Which of the following is not the way to maintain state?
1.Request object (Right)

2. Hidden fields
3.Cookies
4.
Page 12 of 37
46 1413238
Unit : 1, Group : 1
You can have only one Global.asax file per project.
1.Yes (Right)
2. No
3.
4.
47 1413244
Unit : 1, Group : 1
How do you get information from a form that is submitted using the "post" method?
1.Request.QueryString
2.Request.Form (Right)
3.Response.write
4.
48 1413246
Unit : 1, Group : 1
Which DLL translate XML to SQL in IIS?
1.SQLISAPI.dll (Right)
2.SQLXML.dll
3. LISXML.dll
4.
49 1413256
Unit : 1, Group : 1
What are hybrid attacks?
1.An attempt to crack passwords using words that can be found in dictionary.
2.An attempt to crack passwords by replacing characters of a dictionary word with numbers and symbols. (Right)
3.An attempt to crack passwords using a combination of characters, numbers, and symbols.
4.
Page 13 of 37
50 1413262
Unit : 2, Group : 2
What protocol is the Active Directory database based on?
1.LDAP (Right)
2.TCP
3. SQL
4.
51 1413263
Unit : 2, Group : 2
Which Nmap scan is does not completely open a TCP connection?
1.SYN stealth scan (Right)

2.TCP connect
3.XMAS tree scan
4.
52 1413271
Unit : 2, Group : 2
What is the most important activity in system hacking?
1.Information gathering
2.Cracking passwords (Right)
3.Escalating privileges
4.
53 1413289
Unit : 2, Group : 2
What is the purpose of a Denial of Service attack?
1.Exploit a weakness in the TCP/IP stack

2.To execute a Trojan on a system
3.To overload a system so it is no longer operational (Right)
4.
Page 14 of 37
54 1391856
Unit : 2, Group : 2
Having individuals provide personal information to obtain a free offer provided through the Internet is
considered what type of social engineering?
A. Web-based
B. Human-based
C. User-based
D. Computer-based
1. Web-based
2. Human-based
3. Computer-based (Right)
4.
55 1413247
Unit : 2, Group : 2
What is used to validate complex string patterns like an e-mail address?
1.Extended expressions
2.Basic expressions
3.Regular expressions (Right)
4.
56 1391839
Unit : 2, Group : 2
. What is the best statement for taking advantage of a weakness in the security of an IT system?
1. Threat
2.Attack
3. Exploit (Right)
4.
57 1391847
Unit : 2, Group : 2
. Which database is queried by Whois?
1.ICANN (Right)
2. ARIN
3. APNIC
4.
Page 15 of 37
58 1391864
Unit : 2, Group : 2
. An attempt to make a computer resource unavailable to its intended users is called
a) denial-of-service attack
b) virus attack
c) worms attack
d) botnet process
1. virus attack
2. denial-of-service attack (Right)
3. botnet process
4.
59 1378893
Unit : 2, Group : 2
Which of the following are forms of malicious attack ?
1.Theft of information
2.Modification of data
3.Wiping of information
4.All of the mentioned (Right)
60 1378894
Unit : 2, Group : 2
What are common security threats ?
1.File integrity
2.File sharing and permission (Right)
3.File corrupting
4.
61 1390659
Unit : 2, Group : 2
What are common security threats ?
1. File Shredding
2.File sharing and permission (Right)
3.File corrupting
4.
Page 16 of 37
62 1390674
Unit : 2, Group : 2
Which of the following is a strong password ?
1.P@assw0rd (Right)
2.Delhi88
3.19thAugust88
4.
63 1390677
Unit : 2, Group : 2
Why is one time password safe ?
1.It is easy to generated

2.It cannot be shared
3.It is different for every access (Right)
4.
64 1390683
Unit : 2, Group : 2
What is characteristic of RADIUS system ?
1.provides centralized authentication mechanism via network devices
(Right)
2. It is essential for centralized encryption and authentication
3.It works on Network layer to deny access to unauthorized people
4.
65 1390686
Unit : 2, Group : 2
Which happens first authorization or authentication ?
1.Authorization (Right)
2. Authentication
3.Authorization & Authentication are same
4.
Page 17 of 37
66 1390692
Unit : 2, Group : 2
What forces the user to change password at first logon ?
1.Account administrator (Right)

2.Default behavior of OS
3.Devices being accessed forces the user
4.
67 1390694
Unit : 2, Group : 2
What is not a best practice for password policy ?
1.Deciding maximum age of password

2.Having change password every 2 years (Right)
3.Password encryption
4.
68 1390701
Unit : 2, Group : 2
What is breach of confidentiality ?
1.This type of violation involves unauthorized reading of data (Right)

2.This violation involves unauthorized modification of data
3.This violation involves unauthorized destruction of data
4.
69 1390709
Unit : 2, Group : 2
What is Trojan horse ?
a)
b)
c)
1.It is a useful way to encrypt password

2.It is a user which steals valuable information
3.It is a rogue program which tricks users (Right)
4.
Page 18 of 37
70 1390716
Unit : 2, Group : 2
Which of the following is not a characteristic of virus ?
1.Virus destroy and modify user data

2.Virus is a standalone program
3.Virus cannot be detected
(Right)
4.
71 1390719
Unit : 2, Group : 2
What is known as masquerading ?
1.When one participant in communication pretends to be someone else (Right)

2.When attacker modifies data in communication
3.When attack is of fraudulent repeat of a valid data
4.
72 1390811
Unit : 2, Group : 2
What is port scanning ?
1.It is a software used to scan system for attack

2.It is a software application designed to probe a server or host for open ports (Right)
3. It is software used to scan system for introducing attacks by brute force
4.
73 1390817
Unit : 2, Group : 2
Which is not a valid port scan type ?
1.IGMP scan (Right)

2.Window scanning
3.ACK scanning
4.
Page 19 of 37
74 1390825
Unit : 2, Group : 2
With regard to DOS attack what is not true from below options ?
1.We can stop DOS attack completely (Right)

2.By upgrading OS vulnerability we can stop DOS attack to some extent
3.DOS attack has to be stopped at network level
4.
75 1390835
Unit : 2, Group : 2
What is best practice in firewall domain environment ?
1.Create a Demilitarized zone (Right)

2.Create strong policy in firewall to support different types of users
3.Create two domain trusted and untrusted domain
4.
76 1390843
Unit : 2, Group : 2
How do viruses avoid basic pattern match of antivirus ?
1.They are encrypted

2.They act with special permissions
3.They modify themselves (Right)
4.
77 1413265
Unit : 2, Group : 2
Phishing is a form of ____________________.
1.Spamming
2.Identify Theft
3.Impersonation (Right)
4.
Page 20 of 37
78 1413266
Unit : 2, Group : 2
Sniffing is used to perform ______________ fingerprinting.
1.Passive stack (Right)

2.Active stack
3.Passive banner grabbing
4.
79 1413268
Unit : 2, Group : 2
A packet with no flags set is which type of scan?
1.TCP
2.XMAS
3. NULL (Right)
4.
80 1413277
Unit : 2, Group : 2
Performing hacking activities with the intent on gaining visibility for an unfair situation is called
________.
1.Cracking
2.Hacktivism (Right)
3. Analysis
4.
81 1413285
Unit : 2, Group : 2
The first phase of hacking an IT system is compromise of which foundation of security?
1.Availability
2.Confidentiality (Right)
3.Integrity
4.
Page 21 of 37
82 1391823
Unit : 2, Group : 2
. Which form of encryption does WPA use?
1.A. Shared key

2.B. LEAP
3.C. TKIP (Right)
4.
83 1391875 . Extensible authentication protocol is authentication framework frequently used in
Unit : 2, Group : 2 sa) wired personal area network
1. wireless networks (Right)

2.wired local area network
3. none of the mentioned
4.
84 1390671
Unit : 2, Group : 2
Which of the following is least secure method of authentication ?
1.Key card
2.fingerprint
3.Password (Right)
4.
85 1390679
Unit : 2, Group : 2
What does Light Directory Access Protocol (LDAP) doesn¶t store ?
1. Users
2.Address (Right)
3.Passwords
4.
Page 22 of 37
86 1390689
Unit : 2, Group : 2
What is characteristics of Authorization ?
1.Deals with privileges and rights (Right)

2.Multilayered protection for securing resources
3.3 way handshaking with syn and fin
4.
87 1390698
Unit : 2, Group : 2
What is breach of integrity ?
1.This type of violation involves unauthorized reading of data

2.This violation involves unauthorized modification of data (Right)
4.
88 1390703
Unit : 2, Group : 2
What is theft of service ?

2.This violation involves unauthorized use of resources (Right)
4.
89 1390707
Unit : 2, Group : 2
What is breach of availability ?

2.This violation involves unauthorized modification of data
3.This violation involves unauthorized destruction of data (Right)
4.
Page 23 of 37
90 1390712
Unit : 2, Group : 2
What is trap door ?
1. IT is trap door in WarGames

2. It is a hole in software left by designer (Right)
3.It is a Trojan horse
4.
91 1390714
Unit : 2, Group : 2
Which mechanism is used by worm process ?
1.Trap door
2.Fake process
3.Spawn Process (Right)
4.
92 1390807
Unit : 2, Group : 2
Who unleashed famous worm attack in 1988 which effected UNIX systems and caused losses in
millions ?
1.Robert Morris (Right)

2.Bob Milano
3.Mark zuckerberg
4.
93 1390813
Unit : 2, Group : 2
Which is not a port scan type ?
1.TCP scanning
2.UDP scanning
3.SYSTEM Scanning (Right)

4.
Page 24 of 37
94 1390822
Unit : 2, Group : 2
What is known as DOS attack ?
1.It is attack to block traffic of network

2. It is attack to harm contents stored in HDD by worm spawn processes
3.It is an attempt to make a machine or network resource unavailable (Right)
4.
95 1390830
Unit : 2, Group : 2
What is not a important part of security protection ?
1.Large amount of RAM to support antivirus (Right)

2.Strong passwords
3.Audit log periodically
4.
96 1390839
Unit : 2, Group : 2
What are two features of a tripwire file system ?
1.It is a tool to monitor file systems (Right)

2.It is used to automatically take corrective action
3.It is used to secure UNIX system
4.
97 1391883 .WPA2 is used for security in
Unit : 2, Group : 3
1. ethernet
2. bluetooth
3. wi-fi (Right)
4.
Page 25 of 37
98 1391891
Unit : 2, Group : 3
. IPSec is designed to provide the security at the
1.transport layer
2. application layer
3. network layer (Right)
4.
99 1391503
Unit : 3, Group : 1
Which of the following is NOT recommended for securing Web applications against
authenticated users?
1.Client-side data validation (Right)

2. Filtering data with a default deny regular expression
3.Running the application under least privileges necessary
4.
100 1393099
Unit : 3, Group : 2
. Which object can help you maintain data across users?
1. Application object (Right)

2. Session object
3. Server object
4.
101 1391921
Unit : 3, Group : 2
. What is used to validate complex string patterns like an e-mail address?
1.Regular expressions
(Right)
2.Regular expressions
3. Basic expressions
4.
Page 26 of 37
102 1393085
Unit : 3, Group : 2
Default scripting language in ASP.
1. VBScript (Right)
2. PERL
3.
EcmaScript
4.
103 1393087 Inside which HTML element do we put the JavaScript?
Unit : 3, Group : 3
1.<scripting>
2.<js>
3.<script> (Right)
4.
104 1393093 What is the correct syntax for referring to an external script called " abc.js"?
Unit : 3, Group : 3
1.<script href=" abc.js">

2.<script src=" abc.js"> (Right)
3.<script name=" abc.js">
4.
105 1393255
Unit : 3, Group : 3
. Which of the following object is used along with application object in order to ensure that only one
process accesses a variable at a time?
1.Synchronize
2. Synchronize() (Right)
3. Lock()
4.
Page 27 of 37
106 1393260
Unit : 3, Group : 3
. Which of the following control is used to validate that two fields are equal?
1. CompareValidator (Right)
2. RegularExpressionValidator
3. equals() method
4.
107 1393272
. Which of the following is not the way to maintain state?
Unit : 3, Group : 3
1. Request object (Right)

2. Hidden fields
3.Cookies
4.
108 1391898 When a user views a page containing a JavaScript program, which machine actually executes the script?
Unit : 3, Group : 3
1. A central machine deep within Netscape's corporate offices

2.The User's machine running a Web browser (Right)
3.The Web server
4.
109 1391916
Unit : 3, Group : 3
. Caching type supported by ASP.Net
A. Output Caching
B. DataCaching
C. a and b
D. none of the above
1. a and b (Right)
2.DataCaching
3. Output Caching
4.
Page 28 of 37
110 1391918 _____ JavaScript statements embedded in an HTML page can respond to user events such as mouse-clicks,
Unit : 3, Group : 3 form input, and page navigation.
1.Native
2.Client-side (Right)
3.Server-side
4.
111 1391924
Unit : 3, Group : 3
. File extension used for ASP.NET files.
1.ASP (Right)
2. .ASPX
3.Web
4.
112 1391926 Which of the following are capabilities of functions in JavaScript?
Unit : 3, Group : 3
1.Return a value
2.Accept parameters (Right)
3.Accept parameters and Return a value
4.
113 1391927 Which of the following is not a valid JavaScript variable name?
Unit : 3, Group : 3
1.FirstAndLast
2._first_and_last_names
3.2names (Right)
4.
Page 29 of 37
114 1392068 ______ tag is an extension to HTML that can enclose any number of JavaScript statements.
Unit : 3, Group : 3
1.<SCRIPT> (Right)
2. <BODY>
3.<HEAD>
4.
115 1392517
Unit : 3, Group : 3
. Which DLL translate XML to SQL in IIS?
1. SQLISAPI.dll (Right)
2.LISXML.dll
3. SQLIIS.dll
4.
116 1392743
Unit : 3, Group : 3
. Default Session data is stored in ASP.Net.
1.Session Object
2. InProcess (Right)
3. StateServer
4.
117 1392744 What is the correct JavaScript syntax to write "Hello World"?
Unit : 3, Group : 3
1. System.out.println("Hello World")
2.println ("Hello World")
3.document.write("Hello World") (Right)
4.
118 1391840 The relational database model is based on concepts proposed in the 1960s and 1970s.
Unit : 3, Group : 3 1.True (Right)

2.False
3.
4.
Page 30 of 37
119 1391849 A first step in database creation should be needs analysis.
Unit : 3, Group : 3
1.True (Right)
2.False
3.
4.
120 1391857 In a networked web based GIS all communications must go through an internet map server.
Unit : 3, Group : 3
1.True
2.False (Right)
3.
4.
121 1391859 In an OO database approach µobject = attributes + behaviour¶
Unit : 3, Group : 3 1.True

2.False (Right)
3.
4.
122 1391793
Which of the following is correct with regard to echo and print?
Unit : 3, Group : 3
1.echo is a construct and print is a function

2.Both are functions
3.Both are constructs (Right)
4.
123 1391799
The advantages of Standard Query Language (SQL) include which of the following in relation to GIS databases?
Unit : 3, Group : 3
1. It is good at handling geographical concepts. (Right)

2.It is simple and easy to understand.
3.It uses a pseudo-English style of questioning.
4.
Page 31 of 37
124 1391806
Which of the following are characteristics of an RDBMS?
Unit : 3, Group : 3
1.Queries are possible on individual or groups of tables.

2.Data are organized in a series of two-dimensional tables each of which contains records for one entity.
3.Tables are linked by common data known as keys. (Right)
4.
125 1391809
What is a µtuple¶"
Unit : 3, Group : 3
1.Another name for a table in an RDBMS.

2. A row or record in a database table. (Right)
3.Another name for the key linking different tables in a database.
4.
126 1391815
Which of the following are issues to be considered by users of large corporate GIS databases?
Unit : 3, Group : 3
1.The need for multiple copies of the same data and subsequent merging after separate updates.
2.The need for concurrent access and multi-user update.
3.The need for multiple views or different windows into the same databases. (Right)
4.
127 1391922
Which of the following can't be done with client-side JavaScript?
Unit : 3, Group : 3
1.Validating a form
2.Storing the form's contents to a database file on the server (Right)
3.Sending a form's contents by email
4.
128 1391931
Unit : 3, Group : 3
. An alternative way of displaying text on web page using
1. asp:label (Right)
2. asp:listitem
3. asp:button
4.
Page 32 of 37
129 1392070
Unit : 3, Group : 3
Why is Global.asax is used?
1. Declare Global variables

2. Implement application and session level events (Right)
3. No use
4.
130 1392372
Unit : 3, Group : 3
. Which of the following is not a member of ADODBCommand object?
1. ExecuteScalar
2. Open (Right)
3.ExecuteStream
4.
131 1392515 How does JavaScript store dates in a date object?
Unit : 3, Group : 3
1. The number of seconds since Netscape's public stock offering.

2.The number of milliseconds since January 1st, 1970 (Right)
3.None of the above
4.
132 1392740 Which of the following attribute can hold the JavaScript version?
Unit : 3, Group : 3
1.VERSION
2.SCRIPT
3.LANGUAGE (Right)
4.
133 1393084 Which of the following way can be used to indicate the LANGUAGE attribute?
Unit : 3, Group : 3
1.<SCRIPT LANGUAGE="JavaScriptVersion"> JavaScript statements«SCRIPT> (Right)

2.<SCRIPT LANGUAGE="JavaScriptVersion">
3.<SCRIPT LANGUAGE="JavaScriptVersion"!> JavaScript statements«SCRIPT>
4.
Page 33 of 37
134 1393090
Unit : 3, Group : 3
. How do you get information from a form that is submitted using the "post" method?
1.Request.QueryString
2.Request.Form (Right)
3. Response.writeln
4.
135 1393097 Which types of image maps can be used with JavaScript?
Unit : 3, Group : 3
1.Client-side image maps (Right)

2.Server-side image maps
3.Server-side image maps and Client-side image maps
4.
136 1393101
Unit : 3, Group : 3
Which of the following ASP.NET object encapsulates the state of the client?
A.
B. Application object
C.
D.
1.Session object (Right)

2.Response object
3. Server object
4.
Page 34 of 37
137 1393266
Unit : 3, Group : 3
. Mode of storing ASP.NET session
1. InProc
2. StateServer
3.All of the above (Right)
4.
138 1393268
Unit : 3, Group : 3
You can have only one Global.asax file per project.
1.Yes (Right)
2.No
3.
4.
139 1393273
Unit : 3, Group : 3
______________ element in the web.config file to run code using the permissions of a specific user
1.< authorization> element

2.< identity> element (Right)
3.< credential> element
4.
140 1393590
Unit : 3, Group : 3
__________ is a special subfolder within the windows folder that stores the shared .NET component.
1./bin
2.Root
3.GAC (Right)
4.
141 1391786
You need to count the number of parameters given in the URL by a POST operation. The correct way is:
Unit : 3, Group : 3
1.count($POST_VARS);
2.count($POST_VARS_PARAM);
3. count($_POST); (Right)
4.
Page 35 of 37
142 1391821
Which of the following are features of the object-oriented approach to databases?
Unit : 3, Group : 3
1.The ability to develop more realistic models of the real world. (Right)
2.The ability to develop database models based on location rather than state and behaviour.
3.The ability to represent the world in a non-geometric way.
4.
143 1391836 Redundancy is minimised with a computer based database approach.
Unit : 3, Group : 3
1.True (Right)
2.False
3.
4.
144 1391853 In entity attribute modelling a many to many relationship is represented by M:M.

2.False (Right)
3.
4.
145 1391845 A row in a database can also be called a domain.

2.False (Right)
3.
4.
146 1391870 You can add a row using SQL in a database with which of the following?
Unit : 3, Group : 3
1.ADD
2.INSERT (Right)
3.CREATE
4.
147 1391881
The command to remove rows from a table µCUSTOMER¶is:
Unit : 3, Group : 3
1.DELETE FROM CUSTOMER WHERE «(Right)

2.DROP FROM CUSTOMER «
3.REMOVE FROM CUSTOMER «
4.
Page 36 of 37
148 1391889 The SQL WHERE clause:
Unit : 3, Group : 3
1.limits the row data that are returned. (Right)

2.limits the column data that are returned.
3.Both A and B are correct.
4.
149 1391894 Why so JavaScript and Java have similar name?
Unit : 3, Group : 3
1.JavaScript is a stripped-down version of Java

2.They both originated on the island of Java
3.JavaScript's syntax is loosely based on Java's (Right)
4.
150 1391903 ______ JavaScript is also called client-side JavaScript.
Unit : 3, Group : 3
1.Navigator (Right)
2.LiveWire
3.Microsoft
4.
151 1391912 __________ JavaScript is also called server-side JavaScript.
Unit : 3, Group : 3
1.Navigator
2. Microsoft
3.LiveWire (Right)
4.
152 1391913
Unit : 3, Group : 3
. Attribute must be set on a validator control for the validation to work.
1. ControlToValidate (Right)
2.ControlToBind
3. ValidateControl
4.
Page 37 of 37
153 1391914 What are variables used for in JavaScript Programs?
Unit : 3, Group : 3
1.Storing numbers, dates, or other values (Right)

2.Causing high-school algebra flashbacks
3. Varying randomly
4.
154 1391920 What should appear at the very end of your JavaScript?
Unit : 3, Group : 3 The <script LANGUAGE="JavaScript">tag
1.The END statement

2.The <script>
3. The </script> (Right)
4.
155 1391863 In an OO database objects may inherit some or all of the characteristics of other objects.
Unit : 3, Group : 3
1.True (Right)
2.False
3.
4.

Web Sec Quiz-Cat-309 PDF

Uploaded by

Document Informationclick to expand document information

Copyright:

Available Formats

Web Sec Quiz-Cat-309 PDF

Uploaded by

Document Information

Original Description:

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Web Sec Quiz-Cat-309 PDF

Uploaded by

Copyright:

Available Formats

Question Details of Subject :QUIZ-CAT-309

QNo Question Id Question Description

1.web bug (Right)

1. data diddling (Right)

1.Parameterized data cannot be manipulated by a skilled and determined attacker

Unit : 1, Group : 1 1.Reflected and Stored (Right)

1.Educate your users to recognize safe vs. unsafe web pages.

1.Cross-Site Request Forgery (CSRF)

1.cross-site scripting (Right)

1.Previously known patterns (Right)

1. Not to open software from unknown vendors (Right)

1.Network, vulnerability, and port (Right)

1.Application object (Right)

1.Session object (Right)

1.denial-of-service attack (Right)

1.wireless networks (Right)

3.wired personal area network

1.The Active Directory

1.HTML and Javascript (Right)

1.user visits a site's homepage.

1.Client-side data validation (Right)

1.Two-factor authentication (Right)

1.It is a special mode of antivirus

1.Request object (Right)

1.SYN stealth scan (Right)

1.Exploit a weakness in the TCP/IP stack

1.It is easy to generated

1.provides centralized authentication mechanism via network devices

1.Account administrator (Right)

1.Deciding maximum age of password

1.This type of violation involves unauthorized reading of data (Right)

1.It is a useful way to encrypt password

1.Virus destroy and modify user data

1.When one participant in communication pretends to be someone else (Right)

1.It is a software used to scan system for attack

1.IGMP scan (Right)

1.We can stop DOS attack completely (Right)

1.Create a Demilitarized zone (Right)

1.They are encrypted

1.Passive stack (Right)

1.A. Shared key

1. wireless networks (Right)

1.Deals with privileges and rights (Right)

1.This type of violation involves unauthorized reading of data

1.This type of violation involves unauthorized reading of data

1.This type of violation involves unauthorized reading of data

1. IT is trap door in WarGames

1.Robert Morris (Right)

3.SYSTEM Scanning (Right)

1.It is attack to block traffic of network

1.Large amount of RAM to support antivirus (Right)

1.It is a tool to monitor file systems (Right)

1.Client-side data validation (Right)

1. Application object (Right)

1.<script href=" abc.js">

1. Request object (Right)

1. A central machine deep within Netscape's corporate offices

1.<SCRIPT LANGUAGE="JavaScriptVersion"> JavaScript statements«SCRIPT> (Right)