Input validation is an important security defense because it:
Which of the following is a common coding error in which boundary checking is not performed?
One of the most consistently reported software security vulnerabilities that leads to major exploits is:
Without validating user input, an application becomes vulnerable to all of the following EXCEPT:
Which of the following can BEST help prevent cross-site scripting attacks and buffer overflows on a
production system?
The BEST methods for a web developer to prevent the website application code from being vulnerable to
cross-site request forgery (XSRF) are to: (Select TWO).
After visiting a website, a user receives an email thanking them for a purchase which they did not request.
Upon investigation the security administrator sees the following source code in a pop-up window:
<HTML>
<body onload="document.getElementById('badForm').submit()">
<form id="badForm" action="shoppingsite.company.com/purchase.php" method="post">
<input name="Perform Purchase" value="Perform Purchase"/>
</form>
</body>
</HTML>
Which of the following has MOST likely occurred?
Which of the following is the BEST way to prevent Cross-Site Request Forgery (XSRF) attacks?
The process of making certain that an entity (operating system, application, etc.) is as secure as it can be
is known as:
Vendors typically ship software applications with security settings disabled by default to ensure a wide
range of interoperability with other applications and devices. A security administrator should perform
which of the following before deploying new software?