After visiting a website, a user receives an email thanking them for a purchase which they did not request.
Upon investigation the security administrator sees the following source code in a pop-up window:
<HTML>
<body onload=”document.getElementByID(‘badForm’).submit()”>
<form id=”badForm” action=”shoppingsite.company.com/purchase.php” method=”post” >
<input name=”Perform Purchase” value=”Perform Purchase”/>
</form>
</body>
</HTML>
Which of the following has MOST likely occurred?

The BEST methods for a web developer to prevent the website application code from being vulnerable to crosssite request forgery (XSRF) are to ____________. (Choose two.)

Which of the following can BEST help prevent cross-site scripting attacks and buffer overflows on a production
system?

Without validating user input, an application becomes vulnerable to all of the following EXCEPT:

One of the most consistently reported software security vulnerabilities that leads to major exploits is:

Which of the following is a common coding error in which boundary checking is not performed?

Input validation is an important security defense because it:

In regard to secure coding practices, why is input validation important?

After Matt, a user, enters his username and password at the login screen of a web enabled portal, the following
appears on his screen:
`Please only use letters and numbers on these fields’
Which of the following is this an example of?

Which of the following is the below pseudo-code an example of?
IF VARIABLE (CONTAINS NUMBERS = TRUE) THEN EXIT