Page 801 - StudyBook.pdf
P. 801
Self Test Appendix • Appendix 785
Answer A is incorrect, because script source access is used to allow users to view the source
code.Answer B is incorrect, because the scenario requires visitors to the Web site to be able to
execute scripts in the directory.Answer D is incorrect, because setting the Log Visits property
will record visits to the directory so that logging is enabled for the site.
5. A user contacts you with concerns over cookies found on their hard disk.The user visited a
banking site several months ago, and when filling out a form on the site, provided some per-
sonal information that was saved to a cookie. Even though this was months ago, when the user
returned the to site, it displayed his name and other information on the Web page.This led the
user to check his computer, and find that the cookie created months ago is still on the hard
disk of his computer.What type of cookie is this?
A. Temporary
B. Session
C. Persistent
D. Tracking
C. Persistent. Persistent cookies are created to store for a long-term basis, so the person doesn’t
have to login each time they visit, or to save other settings like the language you want content
to be displayed in, your first and last name, or other information.
Answers A and B are incorrect, because Temporary and Session cookies are created on a tem-
porary basis, and removed from the computer when the Web browser is shut down.Answer D
is incorrect, because the user filled out a form on a banking site, and it is retrieving this infor-
mation months later to display on a Web page when the user returns to the site.This is the
behavior of a persistent cookie.Tracking cookies are different, because they are used to retain
information on sites visited by a user.
6. When reviewing security on an intranet, an administrator finds that the Web server is using
port 22.The administrator wants transmission of data on the intranet to be secure.Which of the
following is true about the data being transmitted using this port?
A. TFTP is being used, so transmission of data is secure.
B. TFTP is being used, so transmission of data is insecure.
C. FTP is being used, so transmission of data is secure.
D. S/FTP is being used, so transmission of data is secure.
D. S/FTP is being used, so transmission of data is secure. S/FTP is Secure FTP, and uses port
22. S/FTP establishes a tunnel between the FTP client and the server, and transmits data
between them using encryption and authentication is based on digital certificates.
Answer A is incorrect, because TFTP provides no encryption or authentication.Answer B is
incorrect, because TFTP uses UDP port 69.Answer C is incorrect, because FTP uses ports 20
and 21. Depending on how the FTP server is configured, authentication may be required in the
form of a username and password.
www.syngress.com
