SYO 701 WEB APPLICATION SECURITY Module FC

3. 3. Which of the following vulnerabilities is associated with installing software outside of a manufacturer's approved software repository?

7. 7. Which of the following involves an attempt to take advantage of database misconfigurations?

20. 20. Which of the following are the most likely vectors for the unauthorized or unintentional inclusion of vulnerable code in a software company's final software releases? (Choose two).

58. A security team is reviewing the findings in a report that was delivered after a third party performed a penetration test. One of the findings indicated that a web application form field is vulnerable to cross-site scripting. Which of the following application security techniques should the security analyst recommend the developer implement to prevent this vulnerability?

78. A healthcare organization wants to provide a web application that allows individuals to digitally report health emergencies. Which of the following is the most important consideration during development?

123. A Chief Information Security Officer wants to monitor the company's servers for SQLi attacks and allow for comprehensive investigations if an attack occurs. The company uses SSL decryption to allow traffic monitoring. Which of the following strategies would best accomplish this goal?

130. Which of the following practices would be best to prevent an insider from introducing malicious code into a company's development process?

137. Malware spread across a company's network after an employee visited a compromised industry blog. Which of the following best describes this type of attack?

146. A company's web filter is configured to scan the URL for strings and deny access when matches are found. Which of the following search strings should an analyst employ to prohibit access to non-encrypted websites?

151. Which of the following enables the use of an input field to run commands that can view or manipulate data?