Which of the following has MOST likely occurred?
After visiting a website, a user receives an email thanking them for a purchase which they did not request.
Upon investigation the security administrator sees the following source code in a pop-up window:
<HTML>
<body onload=”document.getElementByID(‘badForm’).submit()”>
<form id=”badForm” action=”shoppingsite.company.com/purchase.php” method=”post” >
<input name=”Perform Purchase” value=”Perform Purchase”/>
</form>
</body>
</HTML>
Which of the following has MOST likely occurred?
(Choose two.)
The BEST methods for a web developer to prevent the website application code from being vulnerable to crosssite request forgery (XSRF) are to ____________. (Choose two.)
Which of the following can BEST help prevent cross-site…
Which of the following can BEST help prevent cross-site scripting attacks and buffer overflows on a production
system?
Without validating user input, an application becomes v…
Without validating user input, an application becomes vulnerable to all of the following EXCEPT:
One of the most consistently reported software security…
One of the most consistently reported software security vulnerabilities that leads to major exploits is:
which boundary checking is not performed?
Which of the following is a common coding error in which boundary checking is not performed?
Input validation is an important security defense becau…
Input validation is an important security defense because it:
why is input validation important?
In regard to secure coding practices, why is input validation important?
Which of the following is this an example of?
After Matt, a user, enters his username and password at the login screen of a web enabled portal, the following
appears on his screen:
`Please only use letters and numbers on these fields’
Which of the following is this an example of?
Which of the following is the below pseudo-code an exam…
Which of the following is the below pseudo-code an example of?
IF VARIABLE (CONTAINS NUMBERS = TRUE) THEN EXIT