Web Security Flashcards

(2 cards)

1
Q

List five fields that are in a typical server certificate

A
  1. Subject: The identity of the website (its Common Name; modern clients match the hostname against the Subject Alternative Name extension instead)
  2. Issuer: The Certificate Authority that issued and signed the certificate
  3. Public Key: The server's public key, used during key exchange or to authenticate the handshake
  4. Validity Period: The notBefore and notAfter dates between which the certificate is valid
  5. Signature: The CA's digital signature over the certificate contents, which a client checks with the CA's public key to verify the certificate's authenticity
2
Q

How did the Heartbleed attack work?

A

-A client would send a TLS heartbeat request to the server, containing a payload and a claimed payload length (a 16-bit field, so up to 64 KB)
-The server was supposed to echo the same payload back
-But OpenSSL (versions 1.0.1 through 1.0.1f, CVE-2014-0160) never checked that the claimed length matched the amount of data actually received
-An attacker could send a small payload and claim it was much longer
-The server would then copy that many bytes out of its memory into the response, leaking whatever sat next to the request buffer: private keys, session cookies, passwords, or other sensitive data
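The bug and its fix, side by side, as an added example (not part of the original card or of OpenSSL itself): a simulated heartbeat handler over a constructed "server heap" that holds the received record followed by a planted secret. `heartbeat_vulnerable` trusts the attacker's length field the way the pre-1.0.1g code did; `heartbeat_fixed` adds the bounds check that 1.0.1g introduced. The buffer layout, the secret string and the helper names are assumptions made for the demonstration.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/* Constructed "server heap": the received heartbeat record sits at the start,
 * and a secret (standing in for a private key) lives in the bytes right after it. */
#define MEM_SIZE 512
static unsigned char server_mem[MEM_SIZE];
static unsigned char response[3 + 65535 + 16];   /* room for any 16-bit claimed length */

#define HB_REQUEST  1
#define HB_RESPONSE 2
#define HB_PADDING  16   /* RFC 6520: at least 16 bytes of padding follow the payload */

typedef size_t (*hb_handler)(const unsigned char *rec, size_t rec_len, unsigned char *out);

/* Build a heartbeat record in server_mem: type | claimed_len (big-endian) | payload | padding,
 * then plant `secret` immediately after the record. Returns the record's real length. */
static size_t build_request(const unsigned char *payload, size_t actual_len,
                            uint16_t claimed_len, const char *secret)
{
    size_t rec_len = 1 + 2 + actual_len + HB_PADDING;
    memset(server_mem, 0, MEM_SIZE);
    server_mem[0] = HB_REQUEST;
    server_mem[1] = (unsigned char)(claimed_len >> 8);
    server_mem[2] = (unsigned char)(claimed_len & 0xff);
    memcpy(server_mem + 3, payload, actual_len);
    memcpy(server_mem + rec_len, secret, strlen(secret));   /* adjacent heap data */
    return rec_len;
}

/* Vulnerable handler: the payload length is taken from the attacker-controlled
 * header and never compared with the number of bytes actually received. */
static size_t heartbeat_vulnerable(const unsigned char *rec, size_t rec_len, unsigned char *out)
{
    (void)rec_len;                                   /* never consulted: the bug */
    uint16_t payload = (uint16_t)((rec[1] << 8) | rec[2]);
    out[0] = HB_RESPONSE;
    out[1] = rec[1];
    out[2] = rec[2];
    memcpy(out + 3, rec + 3, payload);               /* reads past the end of the record */
    return 3 + payload + HB_PADDING;
}

/* Fixed handler: a record too short to hold the claimed payload plus padding
 * is silently discarded instead of echoed. */
static size_t heartbeat_fixed(const unsigned char *rec, size_t rec_len, unsigned char *out)
{
    if (rec_len < 1 + 2 + HB_PADDING) return 0;
    uint16_t payload = (uint16_t)((rec[1] << 8) | rec[2]);
    if (1 + 2 + (size_t)payload + HB_PADDING > rec_len) return 0;
    out[0] = HB_RESPONSE;
    out[1] = rec[1];
    out[2] = rec[2];
    memcpy(out + 3, rec + 3, payload);
    return 3 + payload + HB_PADDING;
}

/* Does `needle` occur anywhere in the first `len` bytes of `buf`? */
static int contains(const unsigned char *buf, size_t len, const char *needle)
{
    size_t n = strlen(needle);
    for (size_t i = 0; i + n <= len; i++)
        if (memcmp(buf + i, needle, n) == 0) return 1;
    return 0;
}

/* Send a 4-byte payload that claims to be `claimed_len` bytes long and report
 * whether the planted secret came back in the response. Returns 1 on leak. */
static int leaks_secret(hb_handler handler, uint16_t claimed_len)
{
    static const unsigned char payload[4] = { 'p', 'i', 'n', 'g' };
    static const char secret[] = "-----BEGIN RSA PRIVATE KEY-----";   /* constructed */
    size_t rec_len = build_request(payload, sizeof payload, claimed_len, secret);
    memset(response, 0, sizeof response);
    size_t n = handler(server_mem, rec_len, response);
    return n != 0 && contains(response, n, secret);
}

int main(void)
{
    printf("honest request (claimed 4):   vulnerable=%d fixed=%d\n",
           leaks_secret(heartbeat_vulnerable, 4), leaks_secret(heartbeat_fixed, 4));
    printf("attack request (claimed 400): vulnerable=%d fixed=%d\n",
           leaks_secret(heartbeat_vulnerable, 400), leaks_secret(heartbeat_fixed, 400));
    return 0;
}
```

The honest request leaks nothing from either handler; the attack request leaks the secret only from the vulnerable one, because the fixed handler compares the claimed length against the record actually received and drops the message when they disagree.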
