Tag: security

Questions Related to security

Out of the following which one can be considered as a possible solutions for SQL injection vulnerability?
technology security

  1. Data Validation

  2. Secure Cookies

  3. Encryption

  4. Comprehensive exception handling

Show answer
Correct Option: A

Which of the following should be stored in the cookie?
technology security

  1. Session ID

  2. Account Privileges

  3. UserName

  4. Password

Show answer
Correct Option: A

Data hashing will
technology security

  1. Ensure that the data has not been tampered with

  2. Ensure that the session is valid

  3. Ensure that the user is valid

  4. All of the above

Show answer
Correct Option: A

If the characters %00%0A (CR+LF) are detected at the end of an input string this is most likely which of the following attacks?
technology security

  1. Cross Site Scripting

  2. Phishing

  3. SQL Injection

  4. HTTP Response Splitting

Show answer
Correct Option: D

Which of the following best describes the difference between white-box testing and black-box testing?
technology security

  1. White-box testing is performed by an independent programmer team

  2. Black-box testing uses the bottom-up approach

  3. Black-box testing involves the business units

  4. White-box testing examines the program internal logical structures

Show answer
Correct Option: D

Scanning underlying source code with a database of regular expressions to quickly identify suspicious code, application inputs, outputs etc primarily relates to ..
technology security

  1. Grey-box testing

  2. Black-box testing

  3. White-box testing

  4. None of these

Show answer
Correct Option: C

What is the difference between network vulnerability assessment and a penetration test?
technology security

  1. A penetration test enumerates resources, and a vulnerability assessment enumerates vulnerabilities

  2. They are one and the same

  3. A penetration test identifies running services, and vulnerability assessments provide a more in-depth understanding of vulnerabilities

  4. A penetration test exploits vulnerabilities, and a vulnerability assessment finds vulnerabilities

Show answer
Correct Option: D

A successful forced browsing attack indicates a vulnerability in
technology security

  1. The configuration management

  2. The session management

  3. The change management process

  4. The authorization process

Show answer
Correct Option: D

Which of the protocols can be used together?
technology security

  1. SOAP and SAML

  2. SOAP and HTTP

  3. SSL and SOAP

  4. All

Show answer
Correct Option: D

Administrative pages for websites should be protected by
technology security

  1. A mechanism that requires only a password

  2. Basic authentication

  3. 2/3 factor authentication

  4. A mechanism with no lock-out, to prevent accidentally denying legitimate access

Show answer
Correct Option: C