Back to Web Security

Secure Cookie Handling

5 minutes 5 Questions

Secure Cookie Handling refers to best practices and techniques employed when using cookies to store and transmit sensitive information, such as authentication or session data. Common practices include setting the 'secure' attribute for cookies, ensuring they are transmitted over HTTPS only and prev…

Test mode:
Start practice test
CompTIA Security+ - Secure Cookie Handling Example Questions

Test your knowledge of Secure Cookie Handling

Question 1

You want to ensure that your web application complies with the strict data handling regulations set forth by your industry. All cookies containing personally identifiable information (PII) must be encrypted. Which attribute should you apply?

Correct Answer: Secure

The Secure attribute ensures that the cookie is only transmitted over HTTPS, which provides encryption. The other options do not provide encryption to protect personally identifiable information in cookies.

Question 2

You are a web developer for a bank and you need to ensure cookies storing sensitive user information are as secure as possible. Which attribute should you include to prevent the cookie from being accessed by client-side scripts?

Correct Answer: HttpOnly

The HttpOnly attribute prevents the cookie from being accessed by client-side scripts, helping protect against cross-site scripting (XSS) attacks. The Secure attribute ensures that the cookie is only transmitted over HTTPS, while the other options are not directly related to security.

Question 3

As a developer, you are tasked with mitigating session hijacking attempts on a web application. How should cookies be set to prevent them from being intercepted on insecure connections?

Correct Answer: Using the Secure attribute

Using the Secure attribute ensures that the cookie is only transmitted over HTTPS, protecting it from being intercepted on insecure connections. The other options do not offer protection against session hijacking.

More Secure Cookie Handling questions
1 questions (total)
Start 1 question test