Tag: security

Questions Related to security

Application Security should be considered during
technology security

  1. Contract Negotiations

  2. Testing phase only

  3. Coding Phase only

  4. All the phases of SDLC

Show answer
Correct Option: D

Trusted websites are typically attacked using
technology security

  1. vulnerability expliots

  2. malware uploads on user driven sites

  3. internal attacks

  4. all of these

Show answer
Correct Option: D

Which is the latest version of SSL which is not vulnerable
technology security

  1. 1

  2. 2

  3. 3

  4. 4

Show answer
Correct Option: C

When do we use STRIDE technique in Web application security
technology security

  1. Defect Prevention

  2. DAR

  3. Design

  4. Threat Modelling

Show answer
Correct Option: D

What is the most secure way to design the Forgot Password feature?
technology security

  1. We should first ask the user to supply some details like personal details or ask a hint question. If the credentials supplied are correct, display the old password

  2. We should first ask the user to supply some details like personal details or ask a hint question. If the credentials supplied are correct and the account is not disabled, display the old password

  3. We should first ask the user to supply some details like personal details or ask a hint question. If the credentials supplied are correct and the account is not disabled, then we should send a mail to the users authorized mail id with a link which will t

  4. We should first ask the user to supply some details like personal details or ask a hint question. If the credentials supplied are correct and the account is not disabled, display the new password

Show answer
Correct Option: C

What is the method name of the Java Class "Cookie" to be used to indicate to the browser whether the cookie should only be sent using a secure protocol, such as HTTPS or SSL?
technology security

  1. setSSL()

  2. setCookieSSL()

  3. setCookieSecure()

  4. setSecure()

Show answer
Correct Option: D

What is the security issue related to persistent cookie
technology security

  1. Persistent cookie information is transmitted thru HTTP

  2. Persistent cookie does not expire when the browser is hard closed.

  3. Persistent cookie are created on harddisk and hence they are readable as a file

  4. No security issue in using Persistent cookie

Show answer
Correct Option: B

What manditory information does a audit log contain
technology security

  1. User ID Time stamp Source IP Error codes, if any Priority

  2. User ID , password Time stamp Source IP Error codes, if any Priority

  3. User ID , password Time stamp Source IP Error codes, if any Priority , URL accessed

  4. User ID Time stamp Source IP Error codes, if any Priority , URL accessed, method used, http protocol version, browser type, the referrer page, the response code

Show answer
Correct Option: D

Out of the following which one is not a software security metric
technology security

  1. Vulnerabilities detected on xyz server

  2. Effort slippage

  3. Number of non negligible risks in the application

  4. Total exceptions not handled correctly

Show answer
Correct Option: B

Expand OWASP
technology security

  1. Open Web Application Security Program

  2. Open Web Application Security Project

  3. Open Source Web Application Security Process

  4. Open Web Application Security Process

Show answer
Correct Option: B