Reading...
Play button
Play button
Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
25 Cards in this Set
- Front
- Back
|
What is XSS ?
|
- considered as one of the most prevalent, obstinate, and dangerous vulnerabilities in web applications.
|
|
|
What is the ease of detection of cwe-89 ?
|
- easy
|
|
|
What is Buffer?
|
- is something that can result to data loss or service denial if it overflows.
|
|
|
What is cross site request forgery ?
|
- is like that strange package, except the attacker tricks a user into activating a request that goes
to your site. |
|
|
What is the consequence in cwe-285 ?
|
-security bypass
|
|
|
What is the weak prevalence in cwe-807 ?
|
-high
|
|
|
What is the weak prevalence in cwe-22 ?
|
-widespread
|
|
|
What is the remediation cost in cwe-434 ?
|
-medium
|
|
|
What is the remediation cost in cwe-78 ?
|
-medium
|
|
|
What is the attack frequency in cwe-311 ?
|
- sometimes
|
|
|
What is the attack frequency in cwe-798 ?
|
- rarely
|
|
|
What is the attacker awareness in cwe-805 ?
|
- high
|
|
|
What is the attacker awareness in cwe-98 ?
|
- high
|
|
|
What will happen f you use untrusted inputs when calculating an index into an array ?
|
- an attacker could provide an index that is outside the boundaries of the array.
|
|
|
What kind of language should we use in cwe-754 ?
|
- language that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid.
|
|
|
What is the weak prevalence in cwe-209 ?
|
-high
|
|
|
What is the weak prevalence in cwe-190 ?
|
- common
|
|
|
What is the weak prevalence in cwe-131 ?
|
- high
|
|
|
What is the weak prevalence in cwe-306 ?
|
- common
|
|
|
What is the ease of detection in cwe-494 ?
|
- moderate
|
|
|
What is the weak prevalence in cwe-732 ?
|
- easy
|
|
|
What is the weak prevalence in cwe-770 ?
|
- moderate
|
|
|
What is the attacker awareness in cwe-601 ?
|
-medium
|
|
|
What is the attacker awareness in cwe-327 ?
|
-medium
|
|
|
What is the attacker awareness in cwe-362 ?
|
-high
|
