Security check can be enforced at compile time by:

B) Writing code for large projects.

D) Adding debug traces to code.

A) Enabling all compiler warnings, and paying attention to these warnings.

C) Checking all pointer against null(0) values before using them.

Which of the following is a best practice for Audit Trail and Logging?

While processing, do not save sensitive information on the file system of the server.

Restrict the access level of configuration and program-level resources.

Apply the principle of Secure Default.

Ensure server time is synchronized.

Temporarily files created by applications can expose confidential data if:

File permissions are not set appropriately

Special characters are not used in the filename to hide the file

The existence of the file exceeds three seconds

Special characters indicating a system file are not used in the filename

One of the main disadvantages of integrating cryptography into applications is:

Possible denial of service if the keys are corrupted.

Enhanced reliability, as users can no longer modify the source code.

Increased stability, as the programs are protected against a virus attack.

Reduced breaches of policy due to disclosure of information.

Which of the following is true about improper error handling?

Attackers can use exposed error messages to craft advanced attacks and gain system access.

Attackers can use error messages to extract specific information from a system.

Attackers can use unexpected errors to knock an application offline, creating a denial-of-service attack.

From application security perspective, why should a CAPTCHA be used in a web application?

To check the color blindness of a user

To check the validity of a user session

To provide biometric authentication

To improve the overall quality of web applications, developers should abide by which of the following rules?

Clean and validate all user input

Allow the use of HIDDEN form fields

Which of the following algorithm/encryption method is the safest to use?

Block Ciphers using Electronic Code Book (ECB) mode

Can integers overflow in python?

No if the operations are done in pure python because python integers have arbitrary precision Yes if the operations are done in the pydata stack (numpy/pandas), because they use C-style fixed-precision integer

Yes if the operations are done in pure python because python integers have arbitrary precision No if the operations are done in the pydata stack (numpy/pandas), because they use C-style fixed-precision integer

No if the operations are done in pure python because python integers have arbitrary precision No if the operations are done in the pydata stack (numpy/pandas), because they use C-style fixed-precision integer

Yes if the operations are done in pure python because python integers have arbitrary precision Yes if the operations are done in the pydata stack (numpy/pandas), because they use C-style fixed-precision integer

Secure Programming Practices

Authored by Mohamed Ibrahim

Computers, Instructional Technology, Professional Development

University

Used 11+ times

AI Actions

Add similar questions

Adjust reading levels

Convert to real-world scenario

Translate activity

More...

Content View

Student View

23 questions

Show all answers

MULTIPLE CHOICE QUESTION

45 sec • 1 pt

Through a successful format-string attack against a web application, an attacker is able to execute which of the following actions?

All the above options

Read and write to memory at will

Write only certain areas using tokens

Read certain memory areas using the %s token

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Setting the cookie flag to which of the following mode is a good programming practice?

Protected

Secure

Locked

Safe

MULTIPLE CHOICE QUESTION

45 sec • 1 pt

Identify the correct statement in the following:

B) Customer trust, reputation, financial, compliance, and privacy are the major reasons to implement a software security program.

C) To secure online data, build secure software.

A) Security is a technical problem and is the responsibility of the security manager.

D) All the above options

E) A) and C)

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Secure practices for access control include which of the following?

All the options

Business workflow

Authorization on each request

Role-based access

MULTIPLE CHOICE QUESTION

45 sec • 1 pt

Which of the following is not recommended to secure web applications against authenticated users?

Running the application with least privileges

Client-side data validation

Filtering data with a default deny regular expression

Using parameterized queries to access a database

MULTIPLE CHOICE QUESTION

45 sec • 1 pt

Which of the following is the best approach to use when providing access to an SSO application in a portal?

Mandatory access control

Biometric access control

Role-based access control

Discretionary access control

MULTIPLE CHOICE QUESTION

45 sec • 1 pt

Exception Handling refers to:

During application execution, if certain special conditions are met, a specific subroutine 'exception handler' is called.

All the options

Identifying all possible erroneous inputs, and managing how an application responds to them.

Commercial runtime environments that contain tools to record debugging information from memory at the time of the exception, to provide 'root-cause' analysis information later.

Access all questions and much more by creating a free account

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Classlink

Continue with Clever

or continue with

Microsoft

Apple

Others

Already have an account?

Similar Resources on Wayground

20 questions

Week 5: Test your understanding part 1

Quiz

•

University

20 questions

DATASET'24 Quizz (Round 1)

Quiz

•

University

20 questions

SMARTICUS

Quiz

•

University

20 questions

Advertising Quiz I

Quiz

•

University

20 questions

Microsoft Excel

Quiz

•

KG - Professional Dev...

20 questions

Financial Aid Basics

Quiz

•

9th Grade - University

20 questions

data structures1

Quiz

•

University

20 questions

Sistem Informasi Manajemen

Quiz

•

University

Popular Resources on Wayground

15 questions

Fractions on a Number Line

Quiz

•

3rd Grade

20 questions

Equivalent Fractions

Quiz

•

3rd Grade

25 questions

Multiplication Facts

Quiz

•

5th Grade

$fractions$

22 questions

fractions

Quiz

•

3rd Grade

20 questions

Main Idea and Details

Quiz

•

5th Grade

20 questions

Context Clues

Quiz

•

6th Grade

15 questions

Equivalent Fractions

Quiz

•

4th Grade

20 questions

Figurative Language Review

Quiz

•

6th Grade

Discover more resources for Computers

30 questions

Quiz 1 Review

Quiz

•

University

Secure Programming Practices

Through a successful format-string attack against a web application, an attacker is able to execute which of the following actions?

Setting the cookie flag to which of the following mode is a good programming practice?

Identify the correct statement in the following:

Secure practices for access control include which of the following?

Which of the following is not recommended to secure web applications against authenticated users?

Which of the following is the best approach to use when providing access to an SSO application in a portal?

Exception Handling refers to:

Which of the following is not an authorization type?

Which of the following is a security advantage of managed code over unmanaged code?

There are various HTTP authentication mechanisms to authenticate a user. Login credentials are sent to the web server in clear text, in which of the following authentication scheme?

Access all questions and much more by creating a free account

Similar Resources on Wayground

Popular Resources on Wayground

Discover more resources for Computers