Indicate which of the statements is the one that corresponds to input validation stored procedures ?.
Answer
Determines whether the input is given by a real user or a computer program
This tecniques is used to prevent the client applications from manipulating the contents of server data
Prepared statements support parameterized queries that prevent SQL injection
Increased performance of the code in case of repeated SQL statements
Question 2
Question
In character encoding, one of the following is not a rule for validation of input data
Answer
Each character is passed dynamically to the encoding function
Limit exact matches
Accept desirable known
Sanitize known undesirable matches
Reject known undesirables
Question 3
Question
It is not a principle to implement in code when you want to validate with Struts Validator
Answer
Implements struts validator class
Check for similar number de fields in Action Form and Validation Form
Struts validation is done to prevent attacks caused through unchecked input
Avoid duplicate validation forms int he validation xml file
Enable the Struts Validator in the action form mapping
Question 4
Question
In regular expressions, the following expression "(0-9 && (^ 4 5 6 7)" corresponds to:
Answer
A Single digit 0, 1, or 9
Any digit number from 0 -9
A single digit that is 4, 5 , 6, or 7
A single character that is either a lowercase letter or a digit
A single digit that is 0, 1, 2, 3, 8, or 9
Question 5
Question
Which of the following statements is not a technique for data validation?
Answer
Encode Known Bad
Known Good
Reject Known bad
Accepting Exact Match
Accept any unknown
Question 6
Question
That considerations should know to implement Servlet filters. Check the wrong choice
Answer
input validation through servlet filters in Java web application is effective due to minor modifications needed for input validation and servlets filters not are centralized in nature
Input validation in servlets is through multipart encoded content by handling multipart requests
Modern frameworks facilitate to provide input validation in the application itself
Servlet can be configured on an application if it does not require multipart request where automatic multipart request should be disabled
Application should rely only on one of defense.
Question 7
Question
Not a member of the superclass InputStream java.io package
Answer
ByteArrayInputStream
FileInputStream
FilterInputStream
InputStream
ObjectInput
Question 8
Question
Select the correct statement about Reader Class:
Answer
Writer class is the base class of all the java IO Writer APIs
Subclasses include PrintWriter, BuferedWriter, etc
Subclasses include PushbackReader, BufferedReader, etc
Subclasses include StreamReader, PrintReader, etc
Question 9
Question
To prevent exposure of buffers used by untrusted code:
Answer
getbuffercopy()
CharBuffer.wrap(data_array)
CharBuffer.wrap(data_array).asReadOnlyBuffer()
BufferedInputStream(system.input_strm)
Question 10
Question
Indicate which of the following statements is not a baseline for designing secured software:
Answer
Reduce the number of persons while granting the high privileges
Use only trusted interfaces to reduce the exposure of the data passed between software and its environment
Avoid having multiple subjects sharing mechanisms to grant access to a resource
Reduce the amont of time on holds onto its privileges