Tag: security

Questions Related to security

Which of the following best describes how to sign a document using a digital signature?
technology security

  1. Create a hash of the document and encrypt the resulting hash using the signer's private key

  2. Encrypt the document using the signer's private key

  3. Encrypt the document using the signer's private key and create a hash of the encrypted document

  4. Encrypt the document using the signer's public key

Show answer
Correct Option: A

How many of security code review tools available in following list • OWASP WebScarab • Fortify • WebInspect • AppScan • Nikto • FindBugs
technology security

  1. 1

  2. 2

  3. 4

  4. 6

Show answer
Correct Option: B

Which of the following framework provides an annotation based validation mechanism?
technology security

  1. Struts 1.1

  2. Struts 1.2

  3. Struts 2

  4. JSF

Show answer
Correct Option: C

Data returned by which of the following methods should be validated before using it. 1. getParameter () 2. getQueryString () 3. getCookies () 4. getHeaders ()
technology security

  1. 1 AND 4

  2. 1 AND 2

  3. 1 AND 2 AND 3

  4. 1 AND 2 AND 3 AND 4

Show answer
Correct Option: D

Identify code below is what type of validation. String input = request.getParameter ("input"); String characterPattern = "/ [^A-z]/"; If (! input. matches (characterPattern)) { out.println (“Invalid Input”); }

technology security

  1. White list validation

  2. Blacklist validation

  3. Mix validation

  4. No validation

Show answer
Correct Option: A

What type of validation done in following code String filterPattern="[<> {}\ [\]; \&]"; String inputStr = s.replaceAll (filterPattern," ");
technology security

  1. Blacklist validation

  2. Whilelist validation

  3. Hibrid validation

  4. No validation

Show answer
Correct Option: A

Which of the following are countermeasures for XSS 1. Releasing Resources after use 2. Input Validation 3. Running with least privilege 4. URL based access control 5. Output Encoding
technology security

  1. 1 AND 4

  2. 2 AND 4

  3. 1 AND 5

  4. 2 AND 5

  5. 1 AND 2 AND 4

  6. 1 AND 2 AND 5

Show answer
Correct Option: D

Identify vulnerability for code below Class Execclass { public static void main (String args []) { Runtime rt = Runtime.getRuntime (); Process proc = rt.exec ("cmd.exe /C") ;} }
technology security

  1. Buffer Overflow

  2. Command Injection

  3. CSRF

  4. XSS

  5. XST

Show answer
Correct Option: B

In a J2EE web application Error page is defined in
technology security

  1. Server.xml

  2. config.xml

  3. web.xml

  4. application.properties

Show answer
Correct Option: C

In web.xml value of is defined in
technology security

  1. Milliseconds

  2. Seconds

  3. Minutes

  4. Hours

Show answer
Correct Option: C