Problem
A. Why is it critical to perform a penetration test on a web application and a web server prior to production implementation?
B. What is a cross-site scripting attack? Explain in your own words.
C. What is a reflective cross-site scripting attack?
D. Which web application attack is more likely to extract privacy data elements out of a database?
E. What security countermeasures could be used to monitor your production SQL databases against injection attacks?
F. What can you do to ensure that your organization incorporates penetration testing and web application testing as part of its implementation procedures?
G. Who is responsible for the CIA of production web applications and web servers?