Tag: security
Questions Related to security
-
Web Proxy
-
XSS Scanner
-
An insecure J2EE web application
-
None of the above
-
White-box testing is performed by an independent programmer team
-
Black-box testing uses the bottom-up approach
-
Black-box testing involves the business units
-
White-box testing examines the program internal logical structures
-
Grey-box testing
-
Black-box testing
-
White-box testing
-
None of these
-
A penetration test enumerates resources, and a vulnerability assessment enumerates vulnerabilities
-
They are one and the same
-
A penetration test identifies running services, and vulnerability assessments provide a more in-depth understanding of vulnerabilities
-
A penetration test exploits vulnerabilities, and a vulnerability assessment finds vulnerabilities
-
Acquiring, Testing, Installing
-
Testing, Remediation, Peer Review
-
Determine needs, Acquire resources, Install the patch
-
Both A & B
-
Set autocomplete to “0”
-
Set autocomplete to “Off”
-
Set autocomplete to some other value
-
Set autocomplete to “no-store”
-
No. Because leads to insecure storage of private information of the customer
-
Yes. Because it is a good logging practice to log all relevant information during an exception
-
Yes. Because it will help in troubleshooting specific customer problems
-
No. Because its an additional over head
-
SQL Injection
-
Denial of Service
-
XML Injection
-
All of the above
-
Resources to become unavailable to legitimate users
-
Cross Site Tracing
-
Server Instability
-
Both A and B
-
Web Server configuration files
-
Application configuration files
-
Application error handlers
-
All of the above