Secure Programming Practices
should be considered sufficient:
A race condition in a web server can cause which of the following? BOTH A AND C
Authentication and session management are security concerns of which of the following programming languages? ALL
Exception Handling refers to: ALL
From an application security perspective, why should a CAPTCHA be used in a web application? To prevent scripted attacks
Identify the correct statement in the following: AND B
Identify the correct statement in the following: LOGIC BOMB
Identify the correct statement in the following: ACCOUNTABILITY
Identify the correct statement in the following: D) All the C) To securB) Customer
Identify the correct statement in the following: ALL Unclear secSecure soft
In a multi-staged login mechanism, which of the following regarding application security should be ensured by the developer? The application should validate the credentials supplied at each stage and the previous stages.
One of the main disadvantages of integrating cryptography into applications is: Possible denial of service if the keys are corrupted.
Security check can be enforced at compile time by Adding debug traces to code. A.Enabling C) Checking all pointer against null(0) values before using them
Temporary files created by applications can expose confidential data if: FILE PERMISSIONS
There are various HTTP authentication mechanisms to authenticate a user. Login credentials are sent to the web server in clear text, in which of the following authentication scheme? Basic
Through a successful format-string attack against a web application, an attacker is able to execute which of the following actions? Read and write to memory at will
When valuable information has to be transmitted as part of a client request, which of the following mode should be used? POST METHOD
Which of the following are secure programming guidelines? A), B) and C)
Which of the following is not an authorization type? User Access Control
Which of the following is the best approach to use when providing access to an SSO application in a portal? Role-based access control
Which of the following is true about improper error handling? All the above options
Which of the following methods can be used by the client and server to validate user input? A AND B
d with other controls
E) A) and CA) Security is a technical problem and is the responsibility of the security manager.
The effort for application security must be linked with the criticality of the application.