LDAP Injection
XML Injection
SQL Injection
OS Commanding
Security Misconfiguration
Cross Site Scripting
Insecure Direct Object References
Broken Authentication and Session Management
Insecure Direct Object References
Session Replay
Session Fixation
Session Hijacking
Brute Force Attack
Session Hijacking
Session Fixation
Dictionary Attack
Brute Force Attack
Session Hijacking
Dictionary Attack
Session Fixation
Session Hijacking
Insecure Cryptographic Storage
Access Control Violation
Session Replay
SQL Injection
Cross site scripting
Malware Uploading
Man in the middle
Session Fixation
Improper Authentication
Insecure Cryptographic Storage
Unvalidated Redirects and Forwards
Cryptanalysis of hash values
Spamming
Authorization Bypass
Authentication bypass
SQL Injection
Cross Site Scripting
Cross Site Request Forgery
Insecure Direct Object References
Failure to restrict URL Access
Unvalidated Redirect or Forward
Security Misconfiguration
Insufficient Transport Layer Protection
Insecure Direct Object References
Injection
Cross Site Request Forgery
Insufficient Transport Layer Protection
OS Commanding
Cross Site Scripting
Cross Site Request Forgery
Cross Site Tracing
Session Replay
Cross Site Scripting
Cross Site Request Forgery
Session Hijacking
Session Hijacking
Cross Site Request Forgery
SQL Injection
Cross Site Scripting
SQL Injection
Brute Forcing of stored encrypted credentials
XML Injection
Access to sensitive data possible
True
False
Session Fixation
Session Hijacking
Session Tracing
Session Spotting
Session Spoofing
Data transfer protocol
Email Scam
Network scandal
Cross domain scandal
A computer virus
A file that makes it easier to access a Web site and browse
A file that hackers use to steal your identity
Web application file
Hurry to provide all the information so you can claim your prize as quickly as possible
Contact your caisse to confirm the information
Answer the e-mail and ask them to call you with more information.
Forward the mail to others for their opinion.
Your mailing address
Your Birth Date
Your modem configuration number
Your social security number
Many companies do not have a written security policy in place.
Many companies do not have physical security for the company networks.
Many companies have insufficient protection between the Internet and company networks.
Many companies have insufficient information about the traffic over the company networks.
Minimize the threat of attackers
Allow access to unauthorized users
Prevent most hackers from accessing your system
Provide 100 percent security
A hacker cannot steal a legitimate user's identity
Users will not have access to and misuse system resources
Only the resources authorized for that user will be at risk
Hackers will not pose as legitimate users