3. Which of the following is not a web server attack type?
Answers
Answered by
2
where are the options friend.....?
Answered by
0
Correct Question:
Which of the following is not a web server attack type?
(a) DOS Attack
(b) Website Defacement using SQLi
(c) Directory Traversal
(d) Password Guessing
Among the following, the (d) Password Guessing is not a web server attack type.
What Are Web Servers?
- Web servers are where websites are hosted. Web servers are computers that run an operating system and are connected to a back-end database.
- Web servers typically run different applications, such as web browsers and web server software. Vulnerabilities in applications, databases, operating systems, or networks can lead to attacks on web servers.
Types of Web Server Attacks
Some of the web server attack types are as follows:
- DOS Attack: An attacker may cause a denial of service attack by sending numerous requests to the web server, or by exploiting a programming error in the application.
- Website Defacement: SQL injection attacks are used to tamper with the data on a website. If an attacker finds that the input field is not properly sanitized, it could maliciously create a query executed by a web browser by adding a SQL string. He might store malicious or unrelated data in the database, which could lead to irrelevant data showing up when someone requests the website.
- Directory Traversal: This is a vulnerability that allows an attacker to access beyond the web root from within the application. If it can access beyond the web root directory, it can run operating system commands and retrieve sensitive information or access restricted directories.
- Phishing Attack: An attacker might send you a link that looks legitimate, but instead takes you to a malicious website that steals your data.
Hence, we find that password guessing is not a type of web server attack, it is a guess attack or brute force attack that relies on guessing the passwords of a website or system.\
#SPJ3
Similar questions