MULTIPLE CHOICE QUESTIONS:
1. “Incorrect Calculation of Buffer Size” is in the __________ software error category.
A. Porous Defenses
B. Allocation of Resources
C. Risky Resource Management
D. Insecure Interaction Between Components
2. “Improper Access Control (Authorization)” is in the _________ software error
category.
A. Porous Defenses
B. Allocation of Resources
C. Risky Resource Management
D. Insecure Interaction Between Components
3. Defensive programming is sometimes referred to as _________.
A. variable programming B. secure programming
C. interpretive programming D. chroot programming
4. Incorrect handling of program _______ is one of the most common failings in
software security.
A. lines B. input
C. output D. disciplines
5. _________ is a program flaw that occurs when program input data can accidentally or deliberately influence the flow of execution of the program.
A. PHP attack B. Format string injection attack
C. XSS attack D. Injection attack
6. A _________ attack occurs when the input is used in the construction of a command that is subsequently executed by the system with the privileges of the Web server.
A. command injection B. SQL injection
C. code injection D. PHP remote code injection
7. A _______ attack is where the input includes code that is then executed by the attacked system.
A. SQL injection B. cross-site scripting
C. code injection D. interpreter injection
8. Blocking assignment of form field values to global variables is one of the defenses available to prevent a __________ attack.
A. PHP remote code injection B. mail injection
C. command injection D. SQL injection
9. __________ attacks are vulnerabilities involving the inclusion of script code in the HTML content of a Web page displayed by a user’s browser.
A. PHP file inclusion B. Mail injection
C. Code injection D. Cross-site scripting
10. A ________ is a pattern composed of a sequence of characters that describe allowable input variants.
A. canonicalization B. race condition
C. regular expression D. shell script
11. The intent of ________ is to determine whether the program or function correctly handles all abnormal inputs or whether it crashes or otherwise fails to respond appropriately.
A. shell scripting B. fuzzing
C. canonicalization D. deadlocking
MULTIPLE CHOICE QUESTIONS:
1. C
2. A
3. B
4. B
5. D
6. A
7. C
8. A
9. D
10. C
11. B
Reviews
There are no reviews yet.