The system where two independent pieces of data are used to identify a user is called as two-factor authentication. The two factors should not share a common vulnerability.

The URL of the page that had the link that the user clicked to access the page is called as referrer. The HTTP protocol allows the server to check the referrer.

If an attacker manages to get an application to execute an SQL query created by the attacker, then such attacks are called as SQL injection attacks.

A log of all changes to the application data is called as audit trail. This helps us maintain security as it tracks all the breaches on the system.

SAML (Security assertion Markup Language) is the standard for exchanging authentication and authorization information between two different security domains. This provides a cross-organization sign-on.

Man in the middle attacks are those attacks in which the users are forced to divert to a fake site where the attack takes place. The fake site is then used to obtain the data from the user.

Out of the given options, only public key encryption is a valid approach to an encryption technique. In this, there are two different keys to encrypt the data.

Phishing attacks are those attacks in which users are fooled by similar GUI and data is extracted from them. The fake site is then used to obtain the data from the user.

Password leakage is a major security problem because the leaked password grants access to malicious visitors.

An attack on a website that stores and displays text to a user is known as XSS attack. It is called as cross site scripting attack.