Application Security - DBMS

1.

A single ______________ further allows the user to be authenticated once, and multiple applications can then verify the user’s identity through an authentication service without requiring reauthentication.

   A.) OpenID
   B.) Sign-on system
   C.) Security Assertion Markup Language (SAML)
   D.) Virtual Private Database (VPD)

Answer: Option 'B'

Sign-on system

2.

A Web site that allows users to enter text, such as a comment or a name, and then stores it and later displays it to other users, is potentially vulnerable to a kind of attack called a ___________________ attack.

   A.) Two-factor authentication
   B.) Cross-site request forgery
   C.) Cross-site scripting
   D.) Cross-site scoring scripting

Answer: Option 'C'

Cross-site scripting

3.

Many applications use _________________, where two independent factors are used to identify a user.

   A.) Two-factor authentication
   B.) Cross-site request forgery
   C.) Cross-site scripting
   D.) Cross-site scoring scripting

Answer: Option 'A'

Two-factor authentication

4.

_____________ allows a system administrator to associate a function with a relation; the function returns a predicate that must be added to any query that uses the relation.

   A.) OpenID
   B.) Single-site system
   C.) Virtual Private Database (VPD)
   D.) Security Assertion Markup Language (SAML)

Answer: Option 'C'

Virtual Private Database (VPD)

5.

VPD provides authorization at the level of specific tuples, or rows, of a relation, and is therefore said to be a _____________ mechanism.

   A.) Row-type authentication
   B.) Authorization security
   C.) Row-level authorization
   D.) Column-level authentication

Answer: Option 'C'

Row-level authorization

Application Security Download Pdf