Certified Application Security Engineer JAVA Quiz Questions and Answers

The cost of fixing vulnerabilities is highest at which phase of the SDLC?

Answer :
  • Deployment

_____ blocks must be used for cleanup code such as releasing resources, closing I/O streams, and deleting files.

Answer :
  • Finally

A successful application-level attack may result in:

Answer :
  • All of these

An application is said to be secure when it secures ______.

Answer :
  • All of the above

Ports ___ and ___ are generally open on the perimeter for legitimate web traffic.

Answer :
  • 80, 443

Directory traversal allows attackers to _________________, including application source code, configuration, and critical system files, and to execute commands outside the web server's root directory.

Answer :
  • Access restricted directories

SQL injection attacks use a ___________ to directly manipulate the database.

Answer :
  • Series of malicious SQL queries

Cross-site scripting (XSS, also abbreviated CSS) attacks exploit vulnerabilities in dynamically generated web pages, which enables malicious attackers to inject _______ into web pages viewed by other users.

Answer :
  • Client side script

A parameter attack involves _______ between client and server in order to modify application data such as user credentials and permissions, price, and quantity of products.

Answer :
  • Manipulation of parameters exchanged

Functional security requirements are specific to _______.

Answer :
  • Business security