2997555
Description
Quiz by Carlos Veliz, updated more than 1 year ago
|
Created by Carlos Veliz
almost 9 years ago
|
|
Question 1
Question
Indicate which of the statements is the one that corresponds to input validation stored procedures ?.
Answer
-
Determines whether the input is given by a real user or a computer program
-
This tecniques is used to prevent the client applications from manipulating the contents of server data
-
Prepared statements support parameterized queries that prevent SQL injection
-
Increased performance of the code in case of repeated SQL statements
Question 2
Question
In character encoding, one of the following is not a rule for validation of input data
Answer
-
Each character is passed dynamically to the encoding function
-
Limit exact matches
-
Accept desirable known
-
Sanitize known undesirable matches
-
Reject known undesirables
Question 3
Question
It is not a principle to implement in code when you want to validate with Struts Validator
Answer
-
Implements struts validator class
-
Check for similar number de fields in Action Form and Validation Form
-
Struts validation is done to prevent attacks caused through unchecked input
-
Avoid duplicate validation forms int he validation xml file
-
Enable the Struts Validator in the action form mapping
Question 4
Question
In regular expressions, the following expression "(0-9 && (^ 4 5 6 7)" corresponds to:
Answer
-
A Single digit 0, 1, or 9
-
Any digit number from 0 -9
-
A single digit that is 4, 5 , 6, or 7
-
A single character that is either a lowercase letter or a digit
-
A single digit that is 0, 1, 2, 3, 8, or 9
Question 5
Question
Which of the following statements is not a technique for data validation?
Answer
-
Encode Known Bad
-
Known Good
-
Reject Known bad
-
Accepting Exact Match
-
Accept any unknown
Question 6
Question
That considerations should know to implement Servlet filters. Check the wrong choice
Answer
-
input validation through servlet filters in Java web application is effective due to minor modifications needed for input validation and servlets filters not are centralized in nature
-
Input validation in servlets is through multipart encoded content by handling multipart requests
-
Modern frameworks facilitate to provide input validation in the application itself
-
Servlet can be configured on an application if it does not require multipart request where automatic multipart request should be disabled
-
Application should rely only on one of defense.
Question 7
Question
Not a member of the superclass InputStream java.io package
Answer
-
ByteArrayInputStream
-
FileInputStream
-
FilterInputStream
-
InputStream
-
ObjectInput
Question 8
Question
Select the correct statement about Reader Class:
Answer
-
Writer class is the base class of all the java IO Writer APIs
-
Subclasses include PrintWriter, BuferedWriter, etc
-
Subclasses include PushbackReader, BufferedReader, etc
-
Subclasses include StreamReader, PrintReader, etc
Question 9
Question
To prevent exposure of buffers used by untrusted code:
Answer
-
getbuffercopy()
-
CharBuffer.wrap(data_array)
-
CharBuffer.wrap(data_array).asReadOnlyBuffer()
-
BufferedInputStream(system.input_strm)
Question 10
Question
Indicate which of the following statements is not a baseline for designing secured software:
Answer
-
Reduce the number of persons while granting the high privileges
-
Use only trusted interfaces to reduce the exposure of the data passed between software and its environment
-
Avoid having multiple subjects sharing mechanisms to grant access to a resource
-
Reduce the amont of time on holds onto its privileges
Want to create your own Quizzes for free with GoConqr? Learn more.