To understand how the Risk score for each threat is calculated in DREAD methodology, the user needs to know the components of the DREAD acronym, which stands for Damage potential, Reproducibility, Exploitability, Affected users, and Discoverability. In this method, each component is scored on a scale of 0 to 10, with 10 representing the highest possible value. The scores for each component are then used to calculate the overall risk score for each threat.

Now, let's go through each option and explain why it is right or wrong:

A. Risk score = (Reproducibility * Exploitability * Discoverability) / (Damage potential * Affected users) This option is incorrect. The formula is not correct as it is multiplying the Reproducibility, Exploitability, and Discoverability and dividing it by the Damage potential and Affected users. The correct formula involves adding up the scores for each of the five components, not multiplying and dividing them.

B. Risk score = (Reproducibility * Exploitability - Discoverability) ^ (Damage potential + Affected users) This option is incorrect. The formula is not correct as it is subtracting the Discoverability from the product of Reproducibility and Exploitability, and then taking the result to the power of the sum of Damage potential and Affected users. The correct formula involves adding up the scores for each of the five components, not subtracting and taking the power of them.

C. Risk score = (Reproducibility + Exploitability + Discoverability) / (Damage potential + Affected users) This option is incorrect. The formula is not correct as it is adding the Reproducibility, Exploitability, and Discoverability and then dividing it by the sum of Damage potential and Affected users. The correct formula involves adding up the scores for each of the five components, but not dividing them by anything.

D. Risk score = (Reproducibility + Exploitability + Discoverability) * (Damage potential + Affected users) This option is correct. The formula is correct as it is adding the Reproducibility, Exploitability, and Discoverability and then multiplying it by the sum of Damage potential and Affected users. The correct formula involves adding up the scores for each of the five components, and then multiplying them by each other.

Therefore, the answer is: D

To select the correct choice for "Security Design Principle," the user needs to have knowledge about security design principles and their components.

Now, let's go through each option and explain why it is right or wrong:

A. 1) Keep it easy to understand 2) Secure default access 3) Defense in Depth 4) encapsulation 5) Highest privilege

This option is incorrect because it includes "highest privilege," which means giving users the maximum level of access, which is not a good security practice as it can lead to data breaches or unauthorized access. The other principles listed are correct.

B. 1) Keep it easy to understand 2) Secure access 3) Defense in Depth 4) encapsulation 5) Highest privilege

This option is incorrect because it lacks the principle of "least privilege," which is a fundamental security principle that means providing users with the minimum level of access they need to perform their tasks. This principle helps reduce the attack surface and minimize the damage in case of a breach.

C. 1) Keep it simple and secure 2) Secure default access 3) Defense in Depth 4) Compartmentalization 5) Least privilege

This option is correct. It includes all the essential security design principles, such as secure default access, defense in depth, compartmentalization, and least privilege. Moreover, it emphasizes keeping the design simple, which is always a good practice.

D. 1) Keep it easy to understand 2) Secure access 3) DMZ 4) encapsulation 5) Highest privilege

This option is incorrect because it includes "DMZ," which is not a design principle but a network architecture that separates the internal network from the external network. Also, it includes "highest privilege," which is not a good security practice.

Therefore, the correct answer is:

The Answer is: C

To solve this question, the user needs to know the different types of testing techniques used in cybersecurity. The user must identify the type of testing in which activities are performed to find active machines, open ports, available services, identifying the OS, and mapping the network.

Now, let's go through each option and explain why it is right or wrong:

A. Passive Scanning: This option is incorrect because passive scanning is a type of testing in which the tester monitors network traffic and collects data without actively engaging with the network.

B. Social Engineering: This option is incorrect because social engineering is a type of attack that exploits human behavior to gain access to systems or information.

C. Scanning: This option is correct. Scanning is a type of testing that involves actively probing a network to identify active machines, open ports, available services, identifying the OS, and mapping the network.

D. Fuzzing: This option is incorrect because fuzzing is a type of testing that involves sending random or invalid data to a system to identify vulnerabilities.

The Answer is: C

To answer this question, the user needs to understand the different types of access control mechanisms that can be used to provide access to an SSO application in a portal.

A. Mandatory access control: This access control mechanism is typically used in secure environments such as military or government settings. It is a strict access control mechanism that assigns access levels to users based on their security clearance level. This approach is not suitable for providing access to SSO applications in a portal.

B. Role Based Access Control: This access control mechanism assigns roles to users based on their job functions and responsibilities. The roles are used to determine what type of access a user has to an SSO application. This approach is suitable for providing access to SSO applications in a portal.

C. Discretionary Access Control: This access control mechanism allows users to determine who has access to their resources. This approach is not suitable for providing access to SSO applications in a portal.

D. Biometric access control: This access control mechanism uses biometric data such as fingerprints or facial recognition to authenticate users. This approach is not suitable for providing access to SSO applications in a portal.

Therefore, the best approach to be used while providing access to SSO application in a portal is Role Based Access Control.

The Answer is: B

The correct answer is A. Nessus.

Nessus is a widely used tool for system vulnerability testing. It helps identify and assess vulnerabilities in various systems and networks. It performs scans to detect potential weaknesses and provides detailed reports on the vulnerabilities found. Nessus is known for its extensive vulnerability database and its ability to perform comprehensive security assessments.

Options B, C, and D are not specifically designed for system vulnerability testing:

B. HP Web Inspect: HP Web Inspect is a web application security testing tool that focuses on identifying vulnerabilities in web applications, rather than system vulnerabilities.

C. TAM: It is unclear what "TAM" refers to in this context. Without more information, it is difficult to determine if it is a tool suitable for system vulnerability testing.

D. SDL: SDL stands for "Security Development Lifecycle," which is a methodology for developing secure software. It is not a specific tool used for system vulnerability testing.

Therefore, option A, Nessus, is the most appropriate tool for system vulnerability testing.

To read XML documents, the query language used is XPath.

Option A is correct because XPath is a query language used to navigate and select elements and attributes in an XML document. It provides a syntax for addressing specific parts of an XML document, similar to how directories and files are addressed in a file system.

Option B, XmlReader, is incorrect because XmlReader is a .NET class used to read XML documents, but it is not a query language. It provides a way to read XML data sequentially and extract information from it.

Option C, SQL, is incorrect because SQL is a query language used to interact with relational databases, not XML documents.

Option D, xmlPlus, is incorrect because there is no such query language with that name for reading XML documents.

Therefore, the answer is: A. XPath

To solve this question, the user needs to know about common web application vulnerabilities and their characteristics.

The correct answer is: C. Session fixation

Option A, SQL Injection, is incorrect because it is a type of attack that targets the database layer of a web application, not the HTTP protocol layer that handles form submissions.

Option B, Cross Site Request Forgery (CSRF), is incorrect because it involves tricking a user into submitting a form on a different website that performs an action on the user's behalf on a target website, not manipulating the values submitted within a form on the same website.

Option D, Session Hijacking, is incorrect because it involves stealing or guessing a user's session ID to impersonate them on a web application, not manipulating the values submitted within a form.

Option C, Session Fixation, is the correct answer. Session fixation is a type of attack where an attacker sets a user's session ID before the user logs in, then waits for the user to authenticate with that ID. Once the user logs in, the attacker can use the known session ID to access the user's session and perform actions on their behalf. In this case, the attacker could set a cookie value in the HTML form submission and then use that value to access the user's session.

To solve this question, the user needs to understand what Threat Modeling is and what tools can be used for it.

Threat Modeling is a process of identifying potential security threats and vulnerabilities in an application or system. It helps to find security weaknesses early in the development cycle, reducing the risk of costly security breaches in the future.

Now, let's go through each option and explain why it is right or wrong:

A. HP Web Inspect: HP Web Inspect is a web application security scanner that can help identify vulnerabilities in web applications. However, it is not a tool that is typically used for threat modeling.

B. Nessus: Nessus is a popular vulnerability scanner that can help detect and report potential security issues. While it can be used as part of a threat modeling process, it is not specifically designed for threat modeling.

C. Open Vas: OpenVAS is an open-source vulnerability scanner that can help identify vulnerabilities in networks and systems. While it can be used as part of a threat modeling process, it is not specifically designed for threat modeling.

D. TAM: TAM (Threat Agent Modeling) is a structured approach to identifying potential threats to a system or application. It is a tool that can be used for threat modeling, as it helps identify and prioritize potential threats based on the likelihood and impact of each threat.

Therefore, the correct answer is: D. TAM

To ensure that audit and access logs of the application are valid in the court of law, the following requirements have to be met:

A. The log should have the URL accessed by the user: This is an important requirement as it helps in identifying the exact action taken by the user on the application.

B. Date and time logged in the logs should be in IST format: This requirement ensures that the date and time mentioned in the logs are accurate and can be easily correlated with other events.

C. Logs have to be in W3C format: This is not a mandatory requirement, but logs in W3C format are widely accepted as a standard format for web server logs.

D. System time is in sync with INDIA domain time and the logs should have uniquely identifiable information about the user: This is a crucial requirement as it helps in establishing the authenticity of the logs and the actions taken by the user. Uniquely identifiable information about the user can include the user's IP address, username, or any other information that can uniquely identify the user.

Therefore, options A, B, and D are all mandatory for the audit and access logs of the application to be valid in the court of law.

The Answer is: D

To solve this question, the user needs to have knowledge of data retention policies and best practices for managing defective media.

Option A: Using the defective media for overwriting current logs is not recommended. The data on the defective media is potentially corrupted or lost, and using it for overwriting current logs can result in further data loss or inconsistency.

Option B: This is the correct answer. Informing stakeholders and degaussing the media is the best approach for managing defective media. Degaussing the media involves exposing it to a magnetic field to erase all data stored on it. This is a secure and effective way to dispose of defective media.

Option C: Keeping the defective media safely and securely in a fireproof safe may seem like a good idea, but it is not an effective way to manage defective media. The data on the defective media is still potentially corrupted or lost, and there is no guarantee that it will remain secure in the safe.

Option D: Formatting the media is not recommended. Formatting may not be effective in erasing all data, and it may also overwrite any remaining data on the media, making it difficult or impossible to recover.

Therefore, the correct answer is:

The Answer is: B. Inform stakeholders and degauss the media.

To solve this question, the user needs to have knowledge of web security and common malicious techniques used by hackers.

The technique described in the question is known as "Clickjacking", which is used to trick web users into clicking on a button or link that is disguised as something else, thereby revealing confidential information or taking control of their computer.

Now, let's go through each option and explain why it is right or wrong:

A. Clickjacking: This option is correct. Clickjacking is a malicious technique used by hackers to deceive web users into clicking on a disguised button or link, which results in the user revealing confidential information or giving control of their computer to the attacker.

B. RoughJacking: This option is incorrect. "RoughJacking" is not a known term in web security, and there is no evidence to suggest that it is a malicious technique used by hackers.

C. CyberJacking: This option is incorrect. "CyberJacking" is a broad term that can refer to a range of malicious activities, but it is not specific to the technique described in the question.

D. CrackJacking: This option is incorrect. "CrackJacking" is not a known term in web security, and there is no evidence to suggest that it is a malicious technique used by hackers.

Therefore, the correct answer is: A. Clickjacking.