Cybersecurity Online Test

A web application for ordering cat food charges users and places an order when an HTTP GET request is issued to the following URL:

http://www.catsupplies.com/order?brand=xxxxx&quantity=xxxxx

A malicious website could add snippets like this to their site:

<img src="http://www.catsupplies.com/order?brand=xxxxx&quantity=xxxxx">

What would help protect against such attacks, considering that the web application has the CORS policy that only allows requests from the same site? 

Employees of a company are facing lots of bounced email notifications from email addresses they have never sent messages to. Select the options below which are correct for the given scenario.

You were assigned to do web accessibility testing on a website to buy theater tickets.

You noticed the following in the page:

• The heading appears before the description in the visual page.
• Screen readers order the description before the heading.
• The pricing section is dynamically loaded almost immediately after the rest of the page.
• The picture of the seating arrangements has the alternate text: "Theater".
• The page requires scrolling to reach the end.

Some visually impaired users of the site use a screen reader on their browser.

Which of the following characteristics of the page reduces the accessibility for screen reader users compared to users who don't use a screen reader?

Consider the form provided here. The form should validate all fields once the "Create user" button is clicked and it should clear the form if validation has passed.

The fields have the following constraints:

• First name - required, must have at least one character that is not a whitespace.
• Last name - required, must have at least one character that is not a whitespace.
• Username - required.
• Description - no constraints.
• Address - no constraints.
• Address 2 - optional, if provided it should have at most 5 characters.
• Age - optional, if provided it should be a number between 18 and 65, both included.
• Password - required, it should have at least 4 characters.

Test the form and select all the fields that were not implemented correctly.

An office supplies web store wants to improve the security of their website. A developer suggested a number of changes.

Which of the changes would improve security?

The email service provider has provided only an IP address for the TestDome email server - 192.0.2.0. TestDome owns the domain 'testdome.com'. Fill in the blanks for the correct DNS configuration, so that 'mail.testdome.com' points to the email server.

A computer network has hosts with the following IP addresses:

• 124.127.64.147
• 124.127.64.151
• 124.127.64.155
• 124.127.64.156

What is the routing prefix (in format: address of a network/bit-length of the prefix) for the smallest subnet that contains these four hosts?

124.127.64.___ / __

Consider the screenshot of web page provided here.

Select all the parts of the web page that contain issues like wrong text formatting, missing a page element, or similar.

For the following scenarios, select the most appropriate type of performance testing.

Select the methods that can be used to hide your public IP address when making calls to a remote server over the internet.