When is the best time to think about application security?
During testing
During development
During design
During all phases of application development
For a security program to be effective, it requires both:
Technical and non-technical methods
Countermeasures and safeguards
Physical and non-logical controls
Security procedures and encryption
What is meant by Authorization?
Method of validating a credential set
Method of ensuring that a subject is the entity it claims to be
Method of validating the entitlements for an authenticated subject
Another term for identification
The ASAP process can be applied at which phase of application development for best results?
During all phases of development starting with requirement analysis and ending with rollout
What is the method signature for hashing a password?
String hashPassword(String password)
String hashPassword(String password, String accountName)
String hashpassword(String password)
None of the above
What is the return type of the verifyPasswordStrength() method in the security API?
Boolean
String
Integer
void
What is the return type of the isAuthorizedForData() method in the security API?
boolean
What is the return type of the getCSRFToken() method?
Byte
BigInteger
What kind of exception does the method login(HttpServletRequest request, HttpServletResponse response) throw?
LoginException
EnterpriseSecurityException
SecurityException
IntrusionException
Which are the default scripting codecs supported by the security API?
JavaScript
VBScript
Both of the above