T/F: Unlike UDP, TCP has the necessary safeguards in place to prevent network DoS. - Answers False
Which of the following actors are part of the cyber crime underground economy? - Answers
Exploit Developers, Botnet Masters, Spammers
Which of the following is/are NOT a potential network level DoS mitigation?
(hints: Which method is not for mitigating DoS? Which method is used for mitigating DoS
attacks at the application level instead?)
- Client Puzzles
- CAPTCHAs
- Use only TCP
- Increase UDP 3-way handshake
- Source Identification - Answers CAPTCHAs, Use only TCP, Increase UDP 3-way handshake
T/F: In 2015, GitHub was a victim of a distributed denial of service attack. The attackers injected
malicious JavaScript code in GitHub's web pages. - Answers False
Select tools used for scanning in the Penetration methodology
- nmap
- john the ripper
- siphon
- fping - Answers nmap, siphon, fping
Suppose that a company owns two websites: A.com and B.com. Where a website of A.com
dynamically gets resources from B.com via AJAX requests depending on the user's input, which
of the following mechanisms can be adopted by the developers of B.com to allow A.com to gain
access to their resources?
- Cross Origin Resource Sharing
- Content Security Policy
- Allow Page Access Policy
- Same Origin Policy - Answers Cross Origin Resource Sharing
Which of the following is/are social engineering techniques:
- Impersonation of Help Desk
- Email Attachments
- Tailgating
- Pop-up windows - Answers Impersonation of Help Desk, Email Attachments, Tailgating, Pop-up
windows
T/F: Subresource integrity uses a cryptographic hash to ensure that webpage subresources
have not changed on the way. - Answers True
Which of the following is true for modern browsers that meet RFC 6265, assuming the following
cookie information?
Cookie 1 information: name=cookie1; domain: cs6262.gatech.com; path: /canvas
Cookie 2 information: name=cookie2; domain: cs6262.gatech.edu; path: /
- The browser can send cookie2 to mail.cs6262.gatech.edu host
- As both cookies have the same path, the browser can send cookie1 to cs6262.gatech.com and
cs6262.gatech.edu.
- cs6262.gatech.com can access the cookie2 since .com top-level domain (TLD) takes higher
precedence than the .edu TLD.
- None of the above - Answers The browser can send cookie2 to mail.cs6262.gatech.edu host
Which of the following URLs is accessible from http://goodsecurity.com under the Same Origin
Policy in modern browsers that meet RFC 6454, assuming the website uses the
standard/default ports for HTTP and HTTPS?