CHAPTER 9 ASSESSMENT

  1. Before integrating a web application, a designer must be aware of the associated risks and measures to mitigate those risks.

    1. True
    2. False
  2. Which one of the following is not a security or privacy target concern of authentication?

    1. Elevation of privilege
    2. Disclosure of confidential data
    3. Data tampering
    4. Man-in-the-middle attacks
  3. When a secure web application is designed, the only aspect that can be manipulated is private access areas.

    1. True
    2. False
  4. A security policy may contain which of the following elements?

    1. Secure coding procedures
    2. Access control mechanisms
    3. Noncompliance consequences
    4. All of these are correct.
    5. B and C
  5. You are part of a programming team developing a web application. Your manager has implemented tracking mechanisms to ensure all developers work on the application within the same guidelines. What has your manager implemented?

    1. Acceptable use policy
    2. Application-based access control
    3. SCM
    4. Correct usage policy
  6. A malicious user has gained access to the administrator’s account and increased the user’s account status. This is an example of ___________.

  7. Session management defines how systems handle and manage user sessions.

    1. True
    2. False
  8. __________ can occur within a web application when a user’s authentication token is intercepted by attackers and used to bypass the authentication controls of the application.

  9. Which of the following are fundamental aspects of the JavaScript secure coding standard? (Select two.)

    1. Duplicate code for redundancy
    2. Restrict privileges
    3. Establish trust boundaries
    4. Use dynamic SQL
  10. You have decided to use several forms in your HTML website. Which of the following types of attacks may take advantage of poorly coded HTML forms?

    1. Social engineering
    2. Injection
    3. Man-in-the-middle
    4. Elevation of privilege
  11. Which of the following should you use to secure online forms?

    1. Input validation
    2. Secure communication protocols
    3. Password protection
    4. All of these are correct.
  12. Error messages can reveal information about a server that an attacker can use to exploit the system.

    1. True
    2. False