Tag: security

Questions Related to security

Which Scope contain data specific to a user session?
technology security

  1. Page Scope

  2. Session Scope

  3. Request Scope

  4. Application Scope

Show answer
Correct Option: B

SOAP is a
technology security

  1. Depends on how it is used

  2. Stateful protocol

  3. Transport Layer protocol

  4. Stateless protocol

Show answer
Correct Option: D

The difference between a GET and a POST request is
technology security

  1. It does not matter, the web serve will treat all GET requests as POST requests

  2. The information in a POST request cannot be manipulated. It is possible to change a GET request

  3. A GET request is sent when requesting information; A POST request is sent when sending information

  4. The data is sent in the body of the POST request and in the URL in a GET request

Show answer
Correct Option: D

In order to avoid information disclosure error messages containing stack traces, specific application information should be
technology security

  1. Sent to the user in a hidden field so that tech support can retrieve the information later

  2. Destroyed if it occurs to minimize the chances that this information might be inadvertently disclosed

  3. Logged on the server side

  4. A and C

Show answer
Correct Option: C

Name 3 of the elements associated with web services
technology security

  1. WADL, WSDL, SAML

  2. UDDI, WADL, WSDL

  3. SOAP, SAML, WADL

  4. WSDL, SOAP, SAML

Show answer
Correct Option: D

Which form of accountability should be used

technology security

  1. Accounts for each user

  2. Account for each group of users

  3. Accounts for each business unit

  4. None of the above

Show answer
Correct Option: A

What is a back door?
technology security

  1. An administrative interface to an application

  2. When two users access each other's information

  3. A loop hole within an application that allows users to bypass the standard security flow by way of a secret token or identifier

  4. The connection between the application and the database

Show answer
Correct Option: C

Hardcoded credentials in the source code which are checked prior to the normal authentication process is an example of which of the following
technology security

  1. A backdoor

  2. An access control vulnerability

  3. A buffer over flow

  4. A SQL injection vulnerability

Show answer
Correct Option: A

What is suggested as the leading practice for the maximum length of time before users are forced to change their passwords?
technology security

  1. 60 days

  2. 180 days

  3. 120 days

  4. 90 days

Show answer
Correct Option: D

Leaving comments in HTML source code when an application leaves the development environment
technology security

  1. Is a good programming practice

  2. Is very useful during code reviews

  3. Is the recommended practice for secure code maintenance

  4. May give the attacker valuable information to perform an exploit

Show answer
Correct Option: D