Certified Application Security Engineer JAVA Quiz Questions and Answers
Cost of fixing vulnerabilities will be highest at which phase of the SDLC?
Answer :
Deployment
_____ blocks must be used to clean up code such as releasing resources, closing input I/O streams and deleting files.
Answer :
Finally
A successful application level attack may result in:
Answer :
All of these
An application is said to be secure when it secures ______.
Answer :
All of the above
Ports ___ and ___ are generally open on the perimeter for legitimate web traffic.
Answer :
80, 443
Directory traversal allows attackers to _________________ including application source code, configuration, and critical system files and execute commands outside the webserver's root directory.
Answer :
Access restricted directories
SQL injection attacks use a ___________ to directly manipulate the database.
Answer :
Series of malicious SQL queries
CSS attacks exploit vulnerabilities in dynamically generated web pages, which enables malicious attackers to inject _______ into web pages viewed by other users.
Answer :
Client side script
Parameter attack involves _______ between client and server in order to modify application data such as user credentials and permissions, price, and quantity of products.
Answer :
Manipulation of parameters exchanged
Functional security requirements are specific to _______.