CS6262 EXAM 250 QUESTIONS & CORRECT ANSWERS
LATEST 2025
T/F: An attacker that uses large botnet to make requests to a server to flood is an
example of amplification attack. - ANSWER-True
T/F: Unlike UDP, TCP has the necessary safeguards in place to prevent network
DoS. - ANSWER-False
Which of the following actors are part of the cybercrime underground economy?
Exploit Developers
Botnet Masters
Spammers
All of the above - ANSWER-All of the above
Which of the following is/are NOT a potential network DoS mitigation? Select
multiple.
Client Puzzles
CAPTCHAs
Source Identification
Use only TCP
,Increase UDP 3-way handshake - ANSWER-CAPTCHAs
Use only TCP
Increase UDP 3-way handshake
In 2015, GitHub was a victim of a distributed denial of service attack. The
attackers injected malicious JavaScript code in GitHub's web pages. - ANSWER-
False
T/F: A website ""http://gatech.edu"" is able to set or overwrite cookies from the
website ""https://gatech.edu"". The server is not able to distinguish the
overwritten cookies from the original cookies. This is an example of violation of
session integrity. - ANSWER-True
Which is INCORRECT regarding the session token?
Tokens will expire, but there should still be mechanisms to revoke them if
necessary
Token size, like cookie size, is not a concern
The token must be stored somewhere
All of them - ANSWER-Token size, like cookie size, is not a concern
T/F: The HTTPS lock icon on the webpage is only displayed after all elements on a
webpage are fetched using HTTPS, a valid HTTPS cert is issued by a trusted
certificate authority for all elements, and the domain in the URL matches
CommonName or SubjectAlternativeName in cert. - ANSWER-True
,The following question is from the recommended reading "Exposing Private
Information by Timing Web Applications". Which of these are valid defenses by
web applications to resist timing attacks?
Adding random delay to the response
Both the answer choices are correct
Taking constant amount of time always for processing a request - ANSWER-Taking
constant amount of time always for processing a request
You are visiting a page that contains two iframes: http://example.com Links to an
external site. and https://example.com Links to an external site.. They can access
each other's content directly. - ANSWER-False
T/F: HTTPS encrypts the host address to protect the user's privacy. - ANSWER-
False
T/F: Content Security Policy (CSP) is an HTTP header that instructs the web
browser to restrict the source of contents to load or execute. It prevents cross-
site scripting, clickjacking, and code injection attacks. - ANSWER-True
T/F: From the paper "A Look Back at "Security Problems in the TCP/IP Protocol
Suite," it's safe to rely on the IP source address for authentication. - ANSWER-
Flase
T/F: In Steve Friedl's tech tips, he recommends people to run patched servers.
However, patched servers might still be vulnerable. - ANSWER-True
Which of these is a TCP security problem:
, Eavesdropping
Denial of service
Packet sniffing
All of the above - ANSWER-All of the above
T/F: TCP/IP packets are signed and not able to be forged or spoofed by the client -
ANSWER-False
T/F: Randomizing just the initial sequence number completely prevents an
attacker from guessing the right sequence number. - ANSWER-False
T/F: Address attestation is used to protect BGP from incorrect updates. -
ANSWER-True
T/F: A downside of using DNS Pinning as a defense against DNS Rebinding attacks
is that it makes the interaction with VPNs and proxies difficult. - ANSWER-True
What are some of the things to consider when trying to meet the transparency
requirement for malware analysis?
Identical exception handling
Identical notion of time
Higher privilege than the malware
All of the above - ANSWER-All of the above
LATEST 2025
T/F: An attacker that uses large botnet to make requests to a server to flood is an
example of amplification attack. - ANSWER-True
T/F: Unlike UDP, TCP has the necessary safeguards in place to prevent network
DoS. - ANSWER-False
Which of the following actors are part of the cybercrime underground economy?
Exploit Developers
Botnet Masters
Spammers
All of the above - ANSWER-All of the above
Which of the following is/are NOT a potential network DoS mitigation? Select
multiple.
Client Puzzles
CAPTCHAs
Source Identification
Use only TCP
,Increase UDP 3-way handshake - ANSWER-CAPTCHAs
Use only TCP
Increase UDP 3-way handshake
In 2015, GitHub was a victim of a distributed denial of service attack. The
attackers injected malicious JavaScript code in GitHub's web pages. - ANSWER-
False
T/F: A website ""http://gatech.edu"" is able to set or overwrite cookies from the
website ""https://gatech.edu"". The server is not able to distinguish the
overwritten cookies from the original cookies. This is an example of violation of
session integrity. - ANSWER-True
Which is INCORRECT regarding the session token?
Tokens will expire, but there should still be mechanisms to revoke them if
necessary
Token size, like cookie size, is not a concern
The token must be stored somewhere
All of them - ANSWER-Token size, like cookie size, is not a concern
T/F: The HTTPS lock icon on the webpage is only displayed after all elements on a
webpage are fetched using HTTPS, a valid HTTPS cert is issued by a trusted
certificate authority for all elements, and the domain in the URL matches
CommonName or SubjectAlternativeName in cert. - ANSWER-True
,The following question is from the recommended reading "Exposing Private
Information by Timing Web Applications". Which of these are valid defenses by
web applications to resist timing attacks?
Adding random delay to the response
Both the answer choices are correct
Taking constant amount of time always for processing a request - ANSWER-Taking
constant amount of time always for processing a request
You are visiting a page that contains two iframes: http://example.com Links to an
external site. and https://example.com Links to an external site.. They can access
each other's content directly. - ANSWER-False
T/F: HTTPS encrypts the host address to protect the user's privacy. - ANSWER-
False
T/F: Content Security Policy (CSP) is an HTTP header that instructs the web
browser to restrict the source of contents to load or execute. It prevents cross-
site scripting, clickjacking, and code injection attacks. - ANSWER-True
T/F: From the paper "A Look Back at "Security Problems in the TCP/IP Protocol
Suite," it's safe to rely on the IP source address for authentication. - ANSWER-
Flase
T/F: In Steve Friedl's tech tips, he recommends people to run patched servers.
However, patched servers might still be vulnerable. - ANSWER-True
Which of these is a TCP security problem:
, Eavesdropping
Denial of service
Packet sniffing
All of the above - ANSWER-All of the above
T/F: TCP/IP packets are signed and not able to be forged or spoofed by the client -
ANSWER-False
T/F: Randomizing just the initial sequence number completely prevents an
attacker from guessing the right sequence number. - ANSWER-False
T/F: Address attestation is used to protect BGP from incorrect updates. -
ANSWER-True
T/F: A downside of using DNS Pinning as a defense against DNS Rebinding attacks
is that it makes the interaction with VPNs and proxies difficult. - ANSWER-True
What are some of the things to consider when trying to meet the transparency
requirement for malware analysis?
Identical exception handling
Identical notion of time
Higher privilege than the malware
All of the above - ANSWER-All of the above
