Page: 1
/ 10
Total 49 questions
Sam, an application security engineer working in INFRA INC., was conducting a secure code review on an application developed in Java. He found that the developer has used a piece of code as shown in the following screenshot. Identify the security mistakes that the developer has coded?
- A. He is attempting to use client-side validation
- B. He is attempting to use whitelist input validation approach
- C. He is attempting to use regular expression for validation
- D. He is attempting to use blacklist input validation approach
Answer : D
Identify the type of attack depicted in the following figure.
- A. SQL Injection Attacks
- B. Session Fixation Attack
- C. Parameter Tampering Attack
- D. Denial-of-Service Attack
Answer : C
According to secure logging practices, programmers should ensure that logging processes are not disrupted by:
- A. Catching incorrect exceptions
- B. Multiple catching of incorrect exceptions
- C. Re-throwing incorrect exceptions
- D. Throwing incorrect exceptions
Answer : D
Which of the threat classification model is used to classify threats during threat modeling process?
- A. RED
- B. STRIDE
- C. DREAD
- D. SMART
Answer : B
31 days access 