Tag: security

Questions Related to security

How to stop forceful browsing?

technology security

  1. Check authorization on each page

  2. Name files with un-guessable names

  3. Place all accessible files in the same directory

  4. ACL's on the web root

Show answer
Correct Option: A

Extra parameters which are currently not used in the application
technology security

  1. Is necessary to check some functionalities during the testing and production support

  2. May lead to security breaches

  3. Do not consume significant bandwidth and so can be allowed in the application

  4. Is necessary in case the application needs a future addition

Show answer
Correct Option: B

How long does a request scope exist?
technology security

  1. The length of the User's Session

  2. The length of a single HTTP response

  3. The length of a single HTTP request

  4. Until the server is rebooted

Show answer
Correct Option: C

Which of the following best describes the difference between white-box testing and black-box testing?
technology security

  1. White-box testing is performed by an independent programmer team

  2. Black-box testing uses the bottom-up approach

  3. Black-box testing involves the business units

  4. White-box testing examines the program internal logical structures

Show answer
Correct Option: D

Scanning underlying source code with a database of regular expressions to quickly identify suspicious code, application inputs, outputs etc primarily relates to ..
technology security

  1. Grey-box testing

  2. Black-box testing

  3. White-box testing

  4. None of these

Show answer
Correct Option: C

What is the difference between network vulnerability assessment and a penetration test?
technology security

  1. A penetration test enumerates resources, and a vulnerability assessment enumerates vulnerabilities

  2. They are one and the same

  3. A penetration test identifies running services, and vulnerability assessments provide a more in-depth understanding of vulnerabilities

  4. A penetration test exploits vulnerabilities, and a vulnerability assessment finds vulnerabilities

Show answer
Correct Option: D

What is the method signature for hashing password?
technology security

  1. String hashPassword(String password)

  2. String hashPassword(String password, String accountName)

  3. String hashpassword(String password)

  4. None of the above

Show answer
Correct Option: B

What is the return type of the verifyPasswordStrength() method in the security API?
technology security

  1. Boolean

  2. String

  3. Integer

  4. void

Show answer
Correct Option: D

What is the return type of the isAuthorizedForData() method in the security API?
technology security

  1. String

  2. boolean

  3. Integer

  4. void

Show answer
Correct Option: B

What is the return type of the getCSRFToken() method?
technology security

  1. Integer

  2. Byte

  3. String

  4. BigInteger

Show answer
Correct Option: C