SYO 701 WEB APPLICATION SECURITY Module FC

SYO 701 WEB APPLICATION SECURITY Module FC

Assessment

Flashcard

Computers

University

Hard

Created by

Oak Academy

FREE Resource

Student preview

quiz-placeholder

51 questions

Show all answers

1.

FLASHCARD QUESTION

Front

  1. 3. Which of the following vulnerabilities is associated with installing software outside of a manufacturer's approved software repository?

Back

D. Side loading

2.

FLASHCARD QUESTION

Front

  1. 7. Which of the following involves an attempt to take advantage of database misconfigurations?

Back

B. SQL injection

3.

FLASHCARD QUESTION

Front

  1. 20. Which of the following are the most likely vectors for the unauthorized or unintentional inclusion of vulnerable code in a software company's final software releases? (Choose two).

Back

D. Included third-party libraries

E. Vendors/supply chain

4.

FLASHCARD QUESTION

Front

58. A security team is reviewing the findings in a report that was delivered after a third party performed a penetration test. One of the findings indicated that a web application form field is vulnerable to cross-site scripting. Which of the following application security techniques should the security analyst recommend the developer implement to prevent this vulnerability?

Back

C. Input validation

5.

FLASHCARD QUESTION

Front

78. A healthcare organization wants to provide a web application that allows individuals to digitally report health emergencies. Which of the following is the most important consideration during development?

Back

B. Availability

6.

FLASHCARD QUESTION

Front

123. A Chief Information Security Officer wants to monitor the company's servers for SQLi attacks and allow for comprehensive investigations if an attack occurs. The company uses SSL decryption to allow traffic monitoring. Which of the following strategies would best accomplish this goal?

Back

D. Enabling full packet capture for traffic entering and exiting the servers

7.

FLASHCARD QUESTION

Front

130. Which of the following practices would be best to prevent an insider from introducing malicious code into a company's development process?

Back

D. Peer review and approval

Create a free account and access millions of resources

Create resources
Host any resource
Get auto-graded reports
or continue with
Microsoft
Apple
Others
By signing up, you agree to our Terms of Service & Privacy Policy
Already have an account?