Tag: security

Questions Related to security

Which encyption algorith is strongest and is being used by US Govt.
technology security

  1. DES

  2. Triple DES

  3. whirpool

  4. AES

Show answer
Correct Option: D

Name Microsoft's experimental project that works just opposite of honeypot project?
technology security

  1. HoneyMonkeys

  2. Honeybees

  3. HoneyHoney

  4. HoneyFix

Show answer
Correct Option: A

What is sandbox in computer world ?
technology security

  1. Antivirus

  2. A restricted environment in which certain functions are prohibited

  3. Worm

  4. Backdoor

Show answer
Correct Option: B

Clickjacking can be used to Trick users to enable their webcam and microphone through Flash
technology security

  1. don't know

  2. no

  3. yes

  4. may be

Show answer
Correct Option: C

What is Cross Site Printing?
technology security

  1. A typo for Cross Site Scripting

  2. A new Printing technology from Microsoft

  3. A new attack that prints to your internal printers when you visit a website

  4. None of these

Show answer
Correct Option: C

Your Internet Banking site is fully SSL enabled. Login-page, Account summary page and Fund transfer page are all HTTPS enabled. When you bank online - login, check your account summary and do a fund transfer, is SSL authentication and handshake happening separately for each page or is it one handshake for all the three pages?
technology security

  1. HTTP is stateless, so is SSL. Full SSL handshake needed for each HTTP page.

  2. SSL is stateful, only one full handshake for multiple HTTP pages in a session.

  3. SSL is security at IP layer. One handshake for one set of source/destination IP address.

  4. dont know

Show answer
Correct Option: A

Which among the below is an example of information leakage vulnerability

technology security

  1. Displaying “Welcome, “+request.getParameter(“userid”)

  2. Displaying “You entered either a wrong user id or password” error message

  3. Call stack trace

  4. Return error code 404

Show answer
Correct Option: C

During testing you observed that after few minutes of initiating the scan appscan locks itself out of the application. How will you resolve the problem
technology security

  1. Configure appscan not to test login/logout pages

  2. Increase the thread count

  3. Decrease the timeout

  4. Increase the timeout

Show answer
Correct Option: A

While analyzing your application you observed that a part of your application is accessed using the domain name whereas the login url is defined as http://10.1.52.3/apps/login.asp. How will you configure appscan to test this Application?

technology security

  1. Add the domain name in the “Additional servers and domains” section in the scan configuration

  2. Add 10.1.52.3 in the “Additional servers and domains” section in the scan configuration

  3. Put the domain name in the login url

  4. Change the application code to reflect the domain name every where

Show answer
Correct Option: A

Which among the below do you think is the right approach for secure session management?
technology security

  1. Display “Welcome, user!” on the home page

  2. Display only “Welcome” on the home page

  3. Invalidate and destroy the session when user logs out

  4. Use persistent cookies for session management

Show answer
Correct Option: C