AY2022 Semester 1 C371 ESE
Name:                Student ID:                Assessment Venue:                Seat Number:

C371 Application Security
AY2022 Semester 1 End-Semester Examination (ESE)

Instructions to student:
1) For this question paper, there are 22 pages (including this cover page).
2) a. You may refer to notes or any other resources stored in your laptop, and may use electronic calculators and electronic dictionaries. If SA 2.0 Quest detects any internet access, you must not use your laptop for the remaining duration of the assessment.
   b. You may use a blank piece of paper (no larger than A4 size) for rough working, but the paper will not be accepted for submission at the end of the assessment.
   c. You may refer to paper-based notes (in bound form, and no larger than A4 size) during the assessment.
   d. Sharing of materials (e.g. electronic calculator) is strictly prohibited.

This segment is to be used by staff grader(s) only.
This segment is to be used by the invigilator only and for 'online' and 'online and paper' mode assessments only.
Please tick the box below if the student has done part of the assessment online:
[ ] Partially done online
Invigilator's Name:                Invigilator's Signature:

Question Number    Marks Awarded    Max Marks
Section A/Q1                        1
Section A/Q2                        1
Section A/Q3                        1
Section A/Q4                        1
Section A/Q5                        1
Section A/Q6                        1
Section A/Q7                        1
Section A/Q8                        1
Section A/Q9                        1
Section A/Q10                       1
Section A/Q11                       1
Section A/Q12                       1
Section A/Q13                       1
Section A/Q14                       1
Section A/Q15                       1
Section A/Q16                       1
Section A/Q17                       1
Section A/Q18                       1
Section A/Q19                       1
Section A/Q20                       1
Section B/Q21                       10
Section B/Q22                       8
Section B/Q23                       8
Section B/Q24                       4
Section B/Q25                       10
Total                               60

DO NOT write below this line 10/30/2020 9:05:32 AM Page 1 of 22 2210ESEC371MainA001X00001x

Full Marks: 60

Section A (20 Questions)
Maximum Marks for This Section: 20

Question 1 (1 mark)
What is the HTTP status code returned when the requested file exists, but has incorrect file permissions?
(A) HTTP 500
(B) HTTP 502
(C) HTTP 403
(D) HTTP 405
Answer: ( C )

Question 2 (1 mark)
Which web attack type relies on the attacker causing client-side code modification within the web browser?
(A) DOM-based XSS attack
(B) Persistent XSS attack
(C) Transient XSS attack
(D) Reflected XSS attack
Answer: ( A )

Question 3 (1 mark)
What is the best place to store user preference data for a website which consists of a 42KB string array?
(A) Persistent cookie
(B) Transient cookie
(C) User session
(D) Session ID
Answer: ( A )

Question 4 (1 mark)
Which HTTP request verb indicates that an existing record is to be updated, under REST web service conventions?
(A) GET
(B) TRACE
(C) POST
(D) PUT
Answer: ( D )

Question 5 (1 mark)
Which ModSecurity processing phase allows form post data to be examined for certain strings such as confidential information?
(A) Phase 3
(B) Phase 2
(C) Phase 1
(D) Phase 4
Answer: ( B )

Question 6 (1 mark)
Which project phase is most suitable for the deployment of a DAST testing tool?
(A) Integration testing
(B) Build automation setup
(C) Requirements gathering
(D) Code development
Answer: ( A )

Question 7 (1 mark)
Which HTTP protocol phase contains the nonce parameter being transmitted during HTTP Digest authentication?
(A) HTTP Request body
(B) HTTP Request header
(C) HTTP Response body
(D) HTTP Response header
Answer: ( B or D )

Question 8 (1 mark)
Which libpam_cracklib parameter specifies at least 1 special character is required for a password in Linux?
(A) ocredit=1
(B) ucredit=1
(C) ocredit=-1
(D) ucredit=-1
Answer: ( C )

Question 9 (1 mark)
What is the SQLi syntax that allows selecting of more data columns than were specified in the original SQL statement?
(A) union
(B) concat
(C) null
(D) 0x0a
Answer: ( A )

Question 10 (1 mark)
What HTTP error will users encounter when an essay submission form is changed from a POST to a GET method by mistake?
(A) HTTP 502
(B) HTTP 400
(C) HTTP 414
(D) HTTP 500
Answer: ( B )

Question 11 (1 mark)
Which application security testing method allows testing to be conducted even when the program is not yet ready to run?
(A) Dynamic Application Security Testing (DAST)
(B) Static Application Security Testing (SAST)
(C) Runtime Application Self Protection (RASP)
(D) Interactive Application Security Testing (IAST)
Answer: ( B )

Question 12 (1 mark)
How should a developer configure the highest-priority cipher suite for a website that is expected to use the latest security standards?
(A) ECDHE-RSA-AES128-SHA
(B) TLS_AES_128_GCM_SHA256
(C) TLS_RSA_WITH_RC4_128_MD5
(D) TLS_RSA_WITH_AES_128_CBC_SHA
Answer: ( B )

Question 13 (1 mark)
Why is JSON widely considered to be a lighter and faster format for sending web service data compared to XML?
(A) It has simpler syntax compared to XML's tags
(B) It is a text-based data format compared to XML
(C) It allows array structures to be represented but not XML
(D) It allows integers to be represented as data values
Answer: ( A )

Question 14 (1 mark)
How can malicious PHP web shells be prevented from executing within the uploads folder?
(A) Remove global x (execute) permission from the folder
(B) Remove global w (write) and x (execute) permissions from the folder
(C) Configure a .htaccess file within the folder
(D) Configure a httpd.conf file within the folder
Answer: ( C )

Question 15 (1 mark)
Where should database initialization parameters be placed within PHP PDO code?
(A) $st->execute();
(B) $st->bindParameter(...);
(C) $st = $db->prepare(...);
(D) $db = new PDO(...);
Answer: ( D )

Question 16 (1 mark)
Which of these security issues will lead to CSRF (Cross-Site Request Forgery) attacks?
(A) Prepared statements were not used
(B) Version info was not turned off
(C) Synchronizer token was not used
(D) Password complexity was not enforced
Answer: ( C )

Question 17 (1 mark)
What is the best way to eliminate session fixation attacks on a website?
(A) Require a new API key after each successful user action
(B) Generate a session ID before every user login
(C) Invalidate the current session ID after each form post
(D) Generate a session ID before each page navigation
Answer: ( B )

Question 18 (1 mark)
What happens when HSTS (HTTP Strict Transport Security) is enabled on the Apache server?
(A) Server response header "Strict-Transport-Security" is sent to clients
(B) Server sets the "HSTS:TRUE" cookie for all clients
(C) Server session variable "HTTPS=443" is declared for all clients
(D) Server code will check for $_SERVER['SERVER_PORT'] = 443
Answer: ( A )

Question 19 (1 mark)
Which of these files will be scanned for potential security issues by a SAST (Static Application Security Testing) tool?
(A) memdump.dat
(B) tracks.7z
(C) ground_textures.bin
(D) SvcHandler.java
Answer: ( D )

Question 20 (1 mark)
Which is the preferred method to eliminate LFI (Local File Inclusion) attacks?
(A) Disable allow_url_fopen in php.ini
(B) Disable shell_exec() in php.ini
(C) Write code to read and sanitize the text content before output
(D) Write code to parse for and remove hyperlinks from the text content
Answer: ( C )

END OF SECTION A

Section B (5 Questions)
Maximum Marks for This Section: 40

Question 21 (10 marks)
A hotel booking website needs to store their hotel guests' profile in a cookie. The cookie settings are as shown in the table.
In addition, the following requirements are to be met:
• The cookie value is to be set as a JSON string.
• The JSON string is constructed from HTTP POST parameters.
• An array called $profile is used to assign the JSON key-value pairs.
• Use an encode function to create the JSON string from $profile.
Write the cookie setting code in PHP. Variables are required to be used for all settings.

<?php
// Set cookie parameters
$cookie_name = "guest_profile";
$expiry_time = time() + (10 * 30 * 24 * 60 * 60); // 10 months
$valid_path = "/hotels.com/set_profile";
$secure = true; // SSL/TLS required

// Construct cookie value from POST parameters
$profile = array(
    "country"  => $_POST["country"],
    "language" => $_POST["language"]
);
$cookie_value = json_encode($profile);

// Set the cookie
setcookie($cookie_name, $cookie_value, $expiry_time, $valid_path, "", $secure);
?>

Question 22 (8 marks)
Encode the letter sequence "SoCAL" to Base64 format, given that the letter A is mapped to ASCII code 65 (decimal) and so on. Show all your working, including each binary and decimal conversion step.

ASCII conversion to decimal: S = 83, o = 111, C = 67, A = 65, L = 76
8-bit sequence (binary): 0101 0011 0110 1111 0100 0011 0100 0001 0100 1100
6-bit sequence + padding (binary, each 6-bit group shown left-padded to 8 bits): 0001 0100 0011 0110 0011 1101 0000 0011 0001 0000 0001 0100 0011 0000
6-bit sequence (decimal): 20, 54, 61, 3, 16, 20, 48
Base64 format: U29DQUw=

Question 23 (8 marks)
An SSL-enabled website is loading with a browser validation error.
The certificate information from Firefox is as follows:

Question 23a (4 marks)
Based on the certificate information above, list and explain 2 fields from the certificate that caused the browser validation error.

It appears that the SSL certificate for the website has expired. The certificate's validity period is from Tue, 09 Jun 2015 00:00:00 GMT to Thu, 05 Jan 2017 12:00:00 GMT, which means that it is no longer valid. When a browser encounters an expired SSL certificate, it will display a validation error to warn the user that the connection may not be secure. To resolve this issue, the website owner needs to obtain a new SSL certificate from a trusted certificate authority and install it on their web server. This will allow the website to establish secure connections with browsers using the new, valid certificate.

Question 23b (2 marks)
The website is then scanned using SSL Labs. The result is shown above. Explain what the "T" rating means.

The "T" rating in an SSL Labs report indicates that the server's certificate is not trusted. This can happen for several reasons, such as the certificate being self-signed, the certificate being issued by an untrusted certificate authority, or the certificate being revoked or expired. In this case, based on the information you provided earlier, it appears that the certificate has expired, which would cause it to be considered untrusted by browsers and other clients.
To resolve this issue and improve the SSL Labs rating, the website owner needs to obtain a new, valid SSL certificate from a trusted certificate authority and install it on their web server. This will allow the website to establish secure connections with browsers and other clients using a trusted certificate.

Question 23c (2 marks)
Explain why the website's administrator should not try to fix the browser validation issue via "manually editing" the SSL certificate currently deployed on the server. What should the administrator do instead to properly configure the SSL website to eliminate the validation error?

The web admin should not try to fix the browser validation error by manually editing the certificate. SSL certificates that are self-signed are not authentic and are not trusted by browsers and other clients, so this won't resolve the validation issue. Instead, the web admin should get a new valid SSL certificate from a trusted CA and install it on their web server. This will allow the website to establish a secure connection with browsers and other clients using a trusted certificate, which should eliminate the validation error. The process for obtaining a new SSL certificate depends on the CA, but generally it involves a certificate signing request being submitted to the CA. The web admin should consult their web hosting provider to get this done.

Question 24 (4 marks)
An incorrectly-configured web service program was found to be sending out web traffic continuously from a customer's system, which is quickly overloading the company's web server. Before the company is able to contact the customer, write ModSecurity rules to deny traffic from the web service program, based on the following:
a. The URL is send_orders.php
b. The assigned rule ID is 400307
c. The log message is 'Overloaded web service traffic'
d. The client is using the POST HTTP method
e. The IP range to be filtered is the Class C subnet 202.15.34.xx.

SecRule REQUEST_URI "@streq /send_orders.php" \
    "id:400307, \
    phase:2, \
    deny, \
    msg:'Overloaded web service traffic', \
    logdata:'%{matched_var}', \
    chain"
    SecRule REQUEST_METHOD "@streq POST" "chain"
    SecRule REMOTE_ADDR "^202\.15\.34\."

Question 25 (10 marks)
Festival Cruises International (FCI) is trying to optimize the deployment of its cruise ships, given the increasing tourist numbers. Create a web-app folder named webfci. Create a database also named webfci. Create a database table named ship_info and enter the sample data as shown.

A report is required which needs to query the ship_info table to search for cruise ships that meet the following criteria:
i. Maximum passenger capacity greater than 3000
ii. Current utilization less than 85 (%)

With $db as the database handle, write the complete PHP code using PDO (PHP Data Objects) to perform the query. The code should be able to withstand possible SQL injection attacks, and should query only required columns. Set the table columns, form fields, and variables in your code to the names shown in the table above. Include a search form and use the parameters as shown below. In the results page, a link to the search page should be displayed. Your student ID and name should be included in the results, as shown below.
<?php
// Connect to the database
$db = new PDO('mysql:host=localhost;dbname=webfci', 'username', 'password');

// Check if form was submitted
if (isset($_POST['submit'])) {
    // Get form values
    $max_cap = $_POST['max_cap'];
    $cur_util = $_POST['cur_util'];

    // Prepare and execute query: only the required columns, with bound
    // parameters so the user input is never spliced into the SQL text
    $stmt = $db->prepare("SELECT ship_id, ship_name, max_cap, cur_util FROM ship_info WHERE max_cap > :max_cap AND cur_util < :cur_util");
    $stmt->execute([':max_cap' => $max_cap, ':cur_util' => $cur_util]);

    // Display results
    echo "20XXXXXX STUDENT NAME<br>";
    while ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
        echo "Ship ID = " . htmlspecialchars($row['ship_id']) . "<br>";
        echo "Ship name = " . htmlspecialchars($row['ship_name']) . "<br>";
        echo "Maximum passenger capacity = " . htmlspecialchars($row['max_cap']) . "<br>";
        echo "Current utilization = " . htmlspecialchars($row['cur_util']) . "<br>";
        echo "<br>";
    }

    // Link back to the search page (this same page)
    echo '<a href="">Back to search</a><br>';
}
?>
<!-- Search form -->
<form method="post" action="">
    <h2>Search ships:</h2>
    Maximum passenger capacity greater than: <input type="number" name="max_cap" value="3000"><br>
    Current utilization less than: <input type="number" name="cur_util" value="85"><br>
    <input type="submit" name="submit" value="Submit">
</form>

END OF SECTION B
End of Assessment
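Added worked example for Question 22 (not part of the exam paper): the manual Base64 working carried out in Python for any ASCII string, so the 8-bit, 6-bit, decimal and padding steps can be checked, and cross-checked against the standard library. It generalises the working to 1- and 2-byte tails that need "==" or "=" padding; function and variable names are my own.

```python
import base64

# Base64 alphabet: 0-25 upper case, 26-51 lower case, 52-61 digits, 62 '+', 63 '/'
ALPHABET = ("ABCDEFGHIJKLMNOPQRSTUVWXYZ"
            "abcdefghijklmnopqrstuvwxyz"
            "0123456789+/")


def base64_steps(text):
    """Carry out the Q22 working for `text` and return every intermediate step."""
    data = text.encode("ascii")
    # Step 1: ASCII code of each character, then its 8-bit binary form.
    ascii_codes = list(data)
    bits8 = ["{:08b}".format(code) for code in ascii_codes]
    # Step 2: join the bits and pad with zero bits up to a multiple of 6.
    bitstring = "".join(bits8)
    pad_bits = (-len(bitstring)) % 6
    bitstring += "0" * pad_bits
    # Step 3: split into 6-bit groups and read each group as a decimal value.
    groups6 = [bitstring[i:i + 6] for i in range(0, len(bitstring), 6)]
    values6 = [int(group, 2) for group in groups6]
    # Step 4: look each value up in the alphabet; one '=' per input byte
    # missing from the final 3-byte block (2 bytes -> '=', 1 byte -> '==').
    pad_chars = (-len(data)) % 3
    encoded = "".join(ALPHABET[v] for v in values6) + "=" * pad_chars
    return {
        "ascii": ascii_codes,
        "bits8": bits8,
        "groups6": groups6,
        "values6": values6,
        "encoded": encoded,
    }


def matches_stdlib(text):
    """Cross-check the manual working against Python's base64 module."""
    expected = base64.b64encode(text.encode("ascii")).decode("ascii")
    return base64_steps(text)["encoded"] == expected


if __name__ == "__main__":
    steps = base64_steps("SoCAL")
    print("ASCII   :", steps["ascii"])
    print("8-bit   :", " ".join(steps["bits8"]))
    print("6-bit   :", " ".join(steps["groups6"]))
    print("decimal :", steps["values6"])
    print("Base64  :", steps["encoded"])
```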
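Added example for Question 24 (not part of the exam paper, and not ModSecurity's own code): a Python simulation of the chained rule over constructed request records, showing that all three links must match before the first rule's deny fires. It also shows one caveat worth knowing: in ModSecurity, REQUEST_URI includes the query string, so the @streq comparison above does not match a request for /send_orders.php?batch=2; matching REQUEST_FILENAME instead, or using @beginsWith, would cover that case.

```python
import ipaddress
import re
from dataclasses import dataclass


@dataclass
class Request:
    """The three ModSecurity variables the Q24 chain inspects (constructed records)."""
    request_uri: str   # REQUEST_URI: path *and* query string, as ModSecurity sees it
    method: str        # REQUEST_METHOD
    remote_addr: str   # REMOTE_ADDR


# One predicate per SecRule in the chain, in the order written. "chain" means
# every link must match before the first rule's disruptive action ("deny") fires.
RULE_400307 = [
    ("REQUEST_URI @streq /send_orders.php", lambda r: r.request_uri == "/send_orders.php"),
    ("REQUEST_METHOD @streq POST", lambda r: r.method == "POST"),
    ("REMOTE_ADDR ^202\\.15\\.34\\.", lambda r: re.match(r"^202\.15\.34\.", r.remote_addr) is not None),
]


def evaluate(req, chain=RULE_400307):
    """Return the disposition and, on a pass, the first link of the chain that failed."""
    for index, (name, predicate) in enumerate(chain, start=1):
        if not predicate(req):
            return {"action": "pass", "failed_link": index, "failed_rule": name}
    return {"action": "deny", "id": 400307,
            "msg": "Overloaded web service traffic", "failed_link": None}


def in_class_c(addr):
    """Subnet test equivalent to the regex for well-formed IPv4 addresses
    (what @ipMatch 202.15.34.0/24 would express directly)."""
    return ipaddress.ip_address(addr) in ipaddress.ip_network("202.15.34.0/24")


# Constructed sample traffic, one record per interesting case.
SAMPLE_REQUESTS = [
    Request("/send_orders.php", "POST", "202.15.34.77"),          # all links match -> deny
    Request("/send_orders.php", "GET", "202.15.34.77"),           # wrong method -> pass at link 2
    Request("/send_orders.php", "POST", "202.15.35.77"),          # outside the /24 -> pass at link 3
    Request("/send_orders.php?batch=2", "POST", "202.15.34.77"),  # query string defeats @streq -> pass at link 1
]


if __name__ == "__main__":
    for req in SAMPLE_REQUESTS:
        print(req.method, req.request_uri, req.remote_addr, "->", evaluate(req))
```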