Your application is created using a language that does not support a clear
distinction between code and data. Which vulnerability is most likely to occur
in your application?
Injection
Insecure direct object references
Failure to restrict URL access
Insufficient transport layer protection
A user is able to pass malicious input that invokes control codes in your Web
application. Which vulnerability is most likely to occur in your Web
application?
Injection
Insecure direct object references
Failure to restrict URL access
Insufficient transport layer protection
Which of the following is the best way to protect against injection attacks?
SQL queries based on user input
Input validation using an allow list
Memory size checks
Validate integer values before referencing arrays
Which mitigation technique can help you strictly define valid input?
Allow list
Memory size checks
Table indirection
Escaping
Which mitigation technique helps you tell the parser that a specific character is
a literal and not a control character?
Table indirection
Allow list
Escaping
Block list
True or false: You should use a block list wherever possible; use allow lists only
as a secondary defense.
True
False
Which of the following is the best way to prevent malicious input exploiting
your application?
Input validation using an allow list
Using encryption
Using table indirection
Using GET/POST parameters
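The questions above hinge on two ideas: an injection happens when the parser cannot tell user data from code, and the primary defense is to define valid input with an allow list (with parameterized queries keeping data out of the query text). The following is an added example, not part of the original quiz; it uses an in-memory SQLite table built for the purpose, and the username policy (1 to 32 characters of letters, digits and underscore) is an assumption chosen for the illustration.

```python
import re
import sqlite3

# Constructed in-memory table standing in for the application's user store.
def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, role TEXT)")
    conn.executemany(
        "INSERT INTO users (name, role) VALUES (?, ?)",
        [("alice", "admin"), ("bob", "user"), ("carol", "user")],
    )
    return conn

# Vulnerable: user input is pasted into the SQL text, so the parser cannot tell
# data from code. Kept deliberately broken to show the failure.
def find_user_vulnerable(conn, name):
    sql = "SELECT name FROM users WHERE name = '" + name + "' ORDER BY name"
    return [row[0] for row in conn.execute(sql)]

# Safe: the query text is fixed and the value travels as a bound parameter,
# so the database always treats it as data.
def find_user_safe(conn, name):
    sql = "SELECT name FROM users WHERE name = ? ORDER BY name"
    return [row[0] for row in conn.execute(sql, (name,))]

# Allow-list validation: describe exactly what a valid username looks like and
# reject everything else. Assumed policy for this example: 1-32 characters,
# letters, digits and underscore only. fullmatch() requires the whole string
# to match, so a trailing newline or quote is rejected too.
USERNAME_RE = re.compile(r"[A-Za-z0-9_]{1,32}")

def is_valid_username(name):
    return USERNAME_RE.fullmatch(name) is not None

def lookup(conn, name):
    """Validate against the allow list first, then query with a bound parameter."""
    if not is_valid_username(name):
        return None  # reject; a real handler would return 400
    return find_user_safe(conn, name)

if __name__ == "__main__":
    conn = make_db()
    payload = "' OR '1'='1"
    print(find_user_vulnerable(conn, payload))  # every row comes back
    print(find_user_safe(conn, payload))        # nothing matches the literal string
    print(lookup(conn, payload))                # rejected before any query runs
    print(lookup(conn, "bob"))
```

The vulnerable function turns the payload into WHERE name = '' OR '1'='1', which is true for every row. The bound parameter leaves the query text unchanged, and the allow list rejects the payload before the database is consulted at all, which is why validation is the primary defense and escaping only the secondary one.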
An attacker submits data to the server and the data is stored on the server.
Which type of vulnerability is most likely to occur in your application?
DOM-based XSS
Reflected XSS
Persistent XSS
Cross-site request forgery
Which of the following input sources can be directly controlled by a malicious
user?
GET/POST parameters
Server configuration files
Ports
Server code
Which of the following actions should you take before implementing a custom
authentication and session management system?
Find out if the HttpOnly flag is set in cookies.
Find out if you can use a small extension to an existing component to
implement the system.
Find out if form variables are available to store data.
Find out if you need to use session-based indirection.
Which of the following is the best way to ensure that JavaScript cannot be used
to access a cookie?
Set the secure flag in the cookie
Set the HttpOnly flag in the cookie
Use the CAPTCHA system
Use non-persistent cookies
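To make the two cookie questions concrete, here is an added example (not from the original quiz) that builds a session cookie with the HttpOnly and Secure flags using Python's standard http.cookies module, and a small check that reports which of those flags a given Set-Cookie header is missing. The cookie name, the SameSite policy and the sample session values are assumptions made for the example.

```python
from http.cookies import SimpleCookie

# Build the Set-Cookie header value for a session cookie with protective flags.
# Cookie name and SameSite policy are assumptions for this example.
def build_session_cookie(session_id, name="sessionid"):
    cookie = SimpleCookie()
    cookie[name] = session_id
    morsel = cookie[name]
    morsel["httponly"] = True       # document.cookie cannot read it
    morsel["secure"] = True         # browser sends it only over HTTPS
    morsel["path"] = "/"
    morsel["samesite"] = "Strict"   # not attached to cross-site requests
    # output() prefixes "Set-Cookie:" by default; header="" leaves only the value.
    return cookie.output(header="").strip()

# Audit a Set-Cookie header value (e.g. copied from a server response) and
# report which of the two flags in the question are missing.
def missing_cookie_flags(set_cookie_value):
    parts = [p.strip() for p in set_cookie_value.split(";")[1:]]
    attrs = {p.split("=", 1)[0].lower() for p in parts}
    missing = []
    if "httponly" not in attrs:
        missing.append("HttpOnly")
    if "secure" not in attrs:
        missing.append("Secure")
    return missing

if __name__ == "__main__":
    good = build_session_cookie("d41d8cd98f00")      # constructed sample id
    print(good)
    print(missing_cookie_flags(good))
    print(missing_cookie_flags("sessionid=d41d8cd98f00; Path=/"))
```

HttpOnly answers the JavaScript question; Secure is the other flag the quiz mentions and keeps the same cookie off plaintext HTTP. The audit function is what you would run over a captured response header during a review.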
Which threat is most likely to occur when a Web application fails to validate a
client's access to a resource?
Injection
Cross-site scripting
Insecure direct object reference
Cross-site request forgery
Which of the following is the best way to mitigate the threat of an insecure
direct object reference attack?
Use session-based indirection.
Use POST parameters instead of GET parameters.
Use a regular expression.
Send successful logins to a well-known location instead of automatic
redirection.
True or false: Time of Check Time of Use (TOCTOU) occurs if the
authorization check is performed on one page of a Web site and the resource is
used on a different page.
True
False
Your Web application stores information about many accounts. Which threat is
your Web application susceptible to if you can manipulate the URL of an
account page to access all accounts?
Cross-site request forgery
Insecure direct object reference
Cross-site scripting
Injection
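The insecure direct object reference questions above describe an account page whose URL carries the real database key, so an attacker simply changes the number. The added example below (not part of the original quiz) shows that vulnerable lookup, the fix of checking the caller's access on every use, and the session-based indirection the quiz names as the best mitigation: each session gets its own table of random opaque tokens mapped to the real ids it may touch. The account data and ownership table are constructed for the example.

```python
import secrets

# Constructed account store and ownership table standing in for the database.
ACCOUNTS = {
    1041: {"owner": "alice", "balance": 120},
    1042: {"owner": "bob", "balance": 75},
    1043: {"owner": "carol", "balance": 5000},
}
OWNERSHIP = {"alice": {1041}, "bob": {1042}, "carol": {1043}}

# Vulnerable: the URL parameter is the real key and nothing checks that the
# caller owns it. Changing ?id=1042 to ?id=1043 returns carol's account.
def get_account_direct(account_id):
    return ACCOUNTS.get(account_id)

# Fix 1: keep the direct reference but validate access on every use, on the
# same request that uses the resource (no separate check-then-use page).
def get_account_checked(user, account_id):
    if account_id not in OWNERSHIP.get(user, set()):
        return None  # a real handler would respond 403
    return ACCOUNTS.get(account_id)

# Fix 2: session-based indirection. At login the server builds a per-session
# map of opaque tokens -> real ids, and only tokens from that map are ever
# accepted. There is nothing in the URL an attacker can increment.
def create_session(user):
    refs = {}
    for account_id in sorted(OWNERSHIP.get(user, set())):
        refs[secrets.token_urlsafe(8)] = account_id
    return {"user": user, "refs": refs}

def get_account_via_session(session, ref):
    account_id = session["refs"].get(ref)
    if account_id is None:
        return None  # unknown token: not one of this user's accounts
    return ACCOUNTS.get(account_id)

def tokens_for(session):
    """The tokens the server would embed in this user's links."""
    return list(session["refs"])

if __name__ == "__main__":
    print(get_account_direct(1043))                  # leaks carol's account to anyone
    print(get_account_checked("bob", 1043))          # None
    bob = create_session("bob")
    token = tokens_for(bob)[0]
    print(get_account_via_session(bob, token))       # bob's own account
    print(get_account_via_session(bob, "1043"))      # None: real ids are never accepted
```

Indirection removes the guessable reference, but the per-use access check in get_account_checked is still worth keeping for any path that must take a real id (an admin tool, an API with stable ids), since the TOCTOU question on this page is exactly about a check performed on one page and a resource used on another.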
You have not yet applied some recent service packs and updates to your Web
application. Which of the following threats is your Web server susceptible to?
Injection
Security misconfiguration
Insecure cryptographic storage
Cross-site request forgery
Which of the following is the best way to reevaluate your environment and
address new threats?
Add or remove network segments.
Use the allow-list validation of allowed input technique.
Use custom cryptographic algorithms.
Use your browser to forge unauthorized requests.
Which of the following depicts the typical impact of failure to restrict URL
access?
Attackers perform man-in-the-middle attacks.
Attackers impersonate any user on the system.
Attackers invoke functions and services they have no authorization for.
Attackers perform all actions that the victims themselves have permission to
perform.
Which of the following actions should you take to test the security of your Web
application?
Use policy mechanisms.
Use a simple and positive model at every layer.
Set the secure flag on session ID cookies.
Use your browser to forge unauthorized requests.
Which of the following should you use to protect the connections between the
physical tiers of your application?
EFS
SSL
HTTP
Kerberos
Which of the following is the best way to implement transport layer protection?
Install IDS
Enable SSL
Set the HttpOnly flag on session ID cookies
Perform client-side validation
Which of the following is most likely to result from unvalidated redirects and
forwards?
Brute force attack
Network sniffing
Man-in-the-middle attack
Bypassed authorization checks
Which of the following is the best way to protect a Web application from
unvalidated redirects and forwards?
Validate the referrer header.
Use extended validation certificates.
Use the escaping technique.
Disallow requests to unauthorized file types.
Which of the following is the best way to detect unvalidated redirects and
forwards?
Use internal transfers without authorizing the user for target URL
Use your browser to forge unauthorized requests
Use weblogs to identify redirects and forwards
Use policy mechanisms
True or false: Most security issues are related to input and a user’s ability to
interact with and control input.
True
False
True or false: If user input can be confused for instructions in the language or
the way the language is applied then the language is vulnerable to an injection
attack.
True
False
In which of the following scenarios should you use the escaping technique?
When user input is echoed back to the user in HTML
When you need to validate any input as valid input
When you are trying to protect against regular expression injection
When you need to tell the interpreter that input is code
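Both escaping questions on this page (the one about telling the parser a character is a literal, and this one about input echoed back in HTML) come down to the same operation. The added example below is not from the original quiz: it contrasts a block-list attempt (stripping script tags) with escaping via Python's html.escape, and shows the attribute context where quoting the attribute and escaping quotes both matter. The payloads are constructed for the illustration.

```python
import html
import re

# Block-list approach: remove <script> tags. Kept to show why it fails; an
# event handler on any other element is not a script tag.
def strip_script_tags(user_input):
    return re.sub(r"(?i)</?script[^>]*>", "", user_input)

# Escaping: tell the HTML parser that these characters are literal text.
# quote=True also escapes " and ', which matters inside attributes.
def escape_html(user_input):
    return html.escape(user_input, quote=True)

def render_greeting_unsafe(name):
    return "<p>Hello, " + strip_script_tags(name) + "</p>"

def render_greeting(name):
    return "<p>Hello, " + escape_html(name) + "</p>"

# Attribute context: the attribute must be quoted AND the value escaped;
# escaping alone does not help if the attribute is left unquoted.
def render_link(label, title):
    return ('<a href="/profile" title="' + escape_html(title) + '">'
            + escape_html(label) + "</a>")

if __name__ == "__main__":
    payload = '<img src=x onerror="alert(1)">'      # constructed payload
    print(render_greeting_unsafe(payload))          # onerror handler survives
    print(render_greeting(payload))                 # rendered as visible text
    print(render_link("me", '" onmouseover="alert(1)'))
```

Escaping is context specific: html.escape is correct for HTML body text and quoted attributes, but text placed inside a script block, a URL or a CSS value needs the escaping rules of that context, which is why the quiz treats allow-list validation as the primary control and escaping as the secondary one.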
Which of the following is the best way to prevent unvalidated redirect and
forwards vulnerabilities?
Use an allow list such as table indirection.
Use client-side validation.
Allow only absolute redirects.
Use session-based indirection.
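The unvalidated redirect questions above settle on an allow list, with table indirection as the preferred form. The added example below is not part of the original quiz; it implements that table (the keys and targets are assumed for the illustration) and, for the case where a free-form "next" parameter cannot be avoided, a local-path check that handles the scheme-relative forms a naive startswith("/") test lets through.

```python
from urllib.parse import urlsplit

# Table indirection: the client sends a short key, the server looks the real
# target up in a fixed table. Keys and targets are assumptions for this example.
REDIRECT_TABLE = {
    "home": "/",
    "account": "/account",
    "help": "https://help.example.com/",
}
DEFAULT_TARGET = "/"

def resolve_redirect(key):
    """Return the allowed target for key, or the default for anything else."""
    return REDIRECT_TABLE.get(key, DEFAULT_TARGET)

# Weaker fallback for a free-form parameter: accept only a path on this site.
def is_local_path(url):
    normalized = url.replace("\\", "/")   # browsers treat backslash as a slash
    # "//evil.example/" is scheme-relative and leaves the site even though it
    # starts with a slash, so a single leading slash is required.
    if not normalized.startswith("/") or normalized.startswith("//"):
        return False
    parts = urlsplit(normalized)
    return parts.scheme == "" and parts.netloc == ""

def safe_next(url):
    return url if is_local_path(url) else DEFAULT_TARGET

if __name__ == "__main__":
    print(resolve_redirect("help"))                     # https://help.example.com/
    print(resolve_redirect("https://evil.example/"))    # / (not a key)
    for candidate in ["/account?tab=1", "//evil.example/", "/\\evil.example",
                      "https://evil.example/", "javascript:alert(1)"]:
        print(candidate, "->", safe_next(candidate))    # constructed inputs
```

Note that with table indirection the attacker controls only a key, never the destination, so a phishing link can at most select one of your own pages; the path check is a compromise that must track browser URL parsing quirks and is best kept as the exception.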