13. How can you protect against client-side injection attacks? Check all that apply.
- Use a SQL database
- Use data sanitization
- Utilize strong passwords
- Use input validation
14. An attacker uses software that continuously tries different combinations of characters to gain access to something password protected. What kind of attack is this?
- A brute-force attack
- A POD (Ping of Death) attack
- A dictionary attack
- A baiting attack
15. Which of these are devices that let employees enter buildings and restricted areas and access secured computer systems at any time, day or night?
- Door locks
- Equipment locks
- Badge readers
- Bollards
16. Two people arrive at a building saying they are repair workers. An employee trusts them and lets them in. As soon as they have access to the building, they hack into a computer and steal confidential information. What kind of attack is this?
- A tailgating attack
- A spoofing attack
- A zero-day vulnerability attack
- A phishing attack
17. Which of these is an XSS (Cross-site scripting) injection attack?
- An attack where attackers fool an employee into letting them into a restricted area or building
- An attack that targets a whole website and uses database commands to delete or steal data and run other malicious commands
- An attack that overloads a system with ICMP echo requests to overwhelm it, and to prevent legitimate users from accessing it
- An attack that inserts malicious code into a website and targets the users of a service