Security check can be enforced at compile time by:

B) Writing code for large projects.

D) Adding debug traces to code.

A) Enabling all compiler warnings, and paying attention to these warnings.

C) Checking all pointer against null(0) values before using them.

Which of the following is a best practice for Audit Trail and Logging?

While processing, do not save sensitive information on the file system of the server.

Restrict the access level of configuration and program-level resources.

Apply the principle of Secure Default.

Ensure server time is synchronized.

Temporarily files created by applications can expose confidential data if:

File permissions are not set appropriately

Special characters are not used in the filename to hide the file

The existence of the file exceeds three seconds

Special characters indicating a system file are not used in the filename

One of the main disadvantages of integrating cryptography into applications is:

Possible denial of service if the keys are corrupted.

Enhanced reliability, as users can no longer modify the source code.

Increased stability, as the programs are protected against a virus attack.

Reduced breaches of policy due to disclosure of information.

Which of the following is true about improper error handling?

Attackers can use exposed error messages to craft advanced attacks and gain system access.

Attackers can use error messages to extract specific information from a system.

Attackers can use unexpected errors to knock an application offline, creating a denial-of-service attack.

From application security perspective, why should a CAPTCHA be used in a web application?

To check the color blindness of a user

To check the validity of a user session

To provide biometric authentication

To improve the overall quality of web applications, developers should abide by which of the following rules?

Clean and validate all user input

Allow the use of HIDDEN form fields

Which of the following algorithm/encryption method is the safest to use?

Block Ciphers using Electronic Code Book (ECB) mode

Can integers overflow in python?

No if the operations are done in pure python because python integers have arbitrary precision Yes if the operations are done in the pydata stack (numpy/pandas), because they use C-style fixed-precision integer

Yes if the operations are done in pure python because python integers have arbitrary precision No if the operations are done in the pydata stack (numpy/pandas), because they use C-style fixed-precision integer

No if the operations are done in pure python because python integers have arbitrary precision No if the operations are done in the pydata stack (numpy/pandas), because they use C-style fixed-precision integer

Yes if the operations are done in pure python because python integers have arbitrary precision Yes if the operations are done in the pydata stack (numpy/pandas), because they use C-style fixed-precision integer

Secure Programming Practices

Quiz

•

Computers, Instructional Technology, Professional Development

•

University

•

Practice Problem

•

Medium

Mohamed Ibrahim

Used 11+ times

FREE Resource

23 questions

Show all answers

1.

MULTIPLE CHOICE QUESTION

45 sec • 1 pt

Through a successful format-string attack against a web application, an attacker is able to execute which of the following actions?

All the above options

Read and write to memory at will

Write only certain areas using tokens

Read certain memory areas using the %s token

2.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Setting the cookie flag to which of the following mode is a good programming practice?

Protected

Secure

Locked

Safe

3.

MULTIPLE CHOICE QUESTION

45 sec • 1 pt

Identify the correct statement in the following:

B) Customer trust, reputation, financial, compliance, and privacy are the major reasons to implement a software security program.

C) To secure online data, build secure software.

A) Security is a technical problem and is the responsibility of the security manager.

D) All the above options

E) A) and C)

4.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Secure practices for access control include which of the following?

All the options

Business workflow

Authorization on each request

Role-based access

5.

MULTIPLE CHOICE QUESTION

45 sec • 1 pt

Which of the following is not recommended to secure web applications against authenticated users?

Running the application with least privileges

Client-side data validation

Filtering data with a default deny regular expression

Using parameterized queries to access a database

6.

MULTIPLE CHOICE QUESTION

45 sec • 1 pt

Which of the following is the best approach to use when providing access to an SSO application in a portal?

Mandatory access control

Biometric access control

Role-based access control

Discretionary access control

7.

MULTIPLE CHOICE QUESTION

45 sec • 1 pt

Exception Handling refers to:

During application execution, if certain special conditions are met, a specific subroutine 'exception handler' is called.

All the options

Identifying all possible erroneous inputs, and managing how an application responds to them.

Commercial runtime environments that contain tools to record debugging information from memory at the time of the exception, to provide 'root-cause' analysis information later.

Create a free account and access millions of resources

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Classlink

Continue with Clever

or continue with

Microsoft

Apple

Others

Already have an account?

Similar Resources on Wayground

18 questions

Memory-Mobo-Hard/Software

Quiz

•

University

20 questions

"NATIONAL TECHNOLOGY DAY"

Quiz

•

University

20 questions

Google SketchUp Tool

Quiz

•

KG - University

19 questions

Mind Ping

Quiz

•

University

20 questions

Kuis 2 - PKS 1

Quiz

•

University

20 questions

1ºDAM/DAW - Entornos de Desarrollo - UD1-6 - Prof. C. Boni

Quiz

•

University - Professi...

20 questions

TS25 REVISITED

Quiz

•

University

20 questions

Designing Network Infrastructure and Network Security

Quiz

•

KG - University

Popular Resources on Wayground

5 questions

This is not a...winter edition (Drawing game)

Quiz

•

1st - 5th Grade

25 questions

Multiplication Facts

Quiz

•

5th Grade

10 questions

Identify Iconic Christmas Movie Scenes

Interactive video

•

6th - 10th Grade

20 questions

Christmas Trivia

Quiz

•

6th - 8th Grade

18 questions

Kids Christmas Trivia

Quiz

•

KG - 5th Grade

11 questions

How well do you know your Christmas Characters?

Lesson

•

3rd Grade

14 questions

Christmas Trivia

Quiz

•

5th Grade

20 questions

How the Grinch Stole Christmas

Quiz

•

5th Grade

Discover more resources for Computers

26 questions

Christmas Movie Trivia

Lesson

•

8th Grade - Professio...

20 questions

christmas songs

Quiz

•

KG - University

20 questions

Holiday Trivia

Quiz

•

9th Grade - University

15 questions

Holiday Movies

Quiz

•

University

14 questions

Christmas Trivia

Quiz

•

3rd Grade - University

20 questions

Christmas Trivia

Quiz

•

University

8 questions

5th, Unit 4, Lesson 8

Lesson

•

KG - Professional Dev...

20 questions

Disney Trivia

Quiz

•

University

Secure Programming Practices

23 questions

Through a successful format-string attack against a web application, an attacker is able to execute which of the following actions?

Setting the cookie flag to which of the following mode is a good programming practice?

Identify the correct statement in the following:

Secure practices for access control include which of the following?

Which of the following is not recommended to secure web applications against authenticated users?

Which of the following is the best approach to use when providing access to an SSO application in a portal?

Exception Handling refers to:

Which of the following is not an authorization type?

Which of the following is a security advantage of managed code over unmanaged code?

There are various HTTP authentication mechanisms to authenticate a user. Login credentials are sent to the web server in clear text, in which of the following authentication scheme?

Create a free account and access millions of resources

Similar Resources on Wayground

Popular Resources on Wayground

Discover more resources for Computers