Certified Application Security Engineer JAVA Quiz Questions and Answers

An application is said to be secure when it ensures __ of its restricted resources.

Answer :
  • Confidentiality, integrity and availability

Which of the following is not part of SDLC?

Answer :
  • Sales

The cost of fixing vulnerabilities will be highest at which phase of the SDLC?

Answer :
  • Deployment

______ may provide a path for attackers to perform injection attacks such as XSS attacks, SQL injection attacks, etc.

Answer :
  • Improper Input Validation

_____ blocks must be used for cleanup code such as releasing resources, closing input I/O streams and deleting files.

Answer :
  • Finally

A successful application-level attack may result in:

Answer :
  • All of these

Directory traversal allows attackers to _________________ including application source code, configuration, and critical system files, and execute commands outside the web server's root directory.

Answer :
  • Access restricted directories

Software security requirements are ________ requirements.

Answer :
  • Non-functional

Application security is the process of developing, adding, and testing security features within applications to prevent security vulnerabilities against threats such as ________ access and modification.

Answer :
  • Unauthorized

An application is said to be secure when it secures ______.

Answer :
  • A) Confidentiality
    B) Integrity
    C) Availability
    All of the above