Quiz: Secure Web directories and development


Quiz: Secure Web directories and development

By Michael Cobb

1.) Which is the best directory structure for a Web site that includes static and dynamic content?

a. E: \inetpub\wwwroot\mywebsite

b. C: \inetpub\wwwroot\mywebsite

c. E: \inetpub\wwwroot\myserver\scripts
E: \inetpub\wwwroot\myserver\static

d. C: \inetpub\wwwroot\myserver\scripts
C: \inetpub\wwwroot\myserver\static

e. E: \inetpub\wwwroot\myserver\executables
E: \inetpub\wwwroot\myserver\static



2.) Which option is not a reason for validating data received from a Web form before processing it?

a. The user might have misspelled their name
b. The user might have entered an invalid date
c. The data may contain malicious code
d. The data may be of the wrong type
e. None of the above


3.) True or False: Hidden form fields are a safe way to pass sensitive information from one form to another.


4.) Your Windows IIS Web server has been attacked and you think the hacker has gained access to your database server that contains customer details and orders received via the Internet. What is the first thing you should do?

a. Disconnect all compromised machines from your network
b. Reboot the server and log on as the local administrator
c. Consult your security policy
d. Determine if the Web server is running a network sniffer
e. Create a backup of your system


5.) Even if your Web server is initially set up in a perfectly secure and pristine state, it will degrade over time. Which factor can speed up this degradation?

a. Using Windows IIS instead of Linux
b. Having a very popular Web site
c. Having a lot of administrators with access to the server
d. Having regular vulnerability assessments
e. Regularly changing the contents of the home page


Take the final exam

Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

COMMENTS powered by Disqus  //  Commenting policy