Resource summary
Question 1
Question
Indicate which of the following statements corresponds to input validation stored procedures.
Answers
- Determines whether the input is given by a real user or a computer program
- This technique is used to prevent client applications from manipulating the contents of server data
- Prepared statements support parameterized queries that prevent SQL injection
- Increased performance of the code in case of repeated SQL statements
Question 2
Question
In character encoding, one of the following is not a rule for validation of input data
Answers
- Each character is passed dynamically to the encoding function
- Limit exact matches
- Accept desirable known
- Sanitize known undesirable matches
- Reject known undesirables
Question 3
Question
Which of the following is not a principle to implement in code when you want to validate with Struts Validator?
Answers
- Implements struts validator class
- Check for similar number of fields in Action Form and Validation Form
- Struts validation is done to prevent attacks caused through unchecked input
- Avoid duplicate validation forms in the validation xml file
- Enable the Struts Validator in the action form mapping
Question 4
Question
In regular expressions, the following expression "(0-9 && (^ 4 5 6 7)" corresponds to:
Answers
- A Single digit 0, 1, or 9
- Any digit number from 0-9
- A single digit that is 4, 5, 6, or 7
- A single character that is either a lowercase letter or a digit
- A single digit that is 0, 1, 2, 3, 8, or 9
Question 5
Question
Which of the following statements is not a technique for data validation?
Answers
- Encode Known Bad
- Known Good
- Reject Known bad
- Accepting Exact Match
- Accept any unknown
Question 6
Question
Which considerations should you know when implementing Servlet filters? Select the wrong choice.
Answers
- Input validation through servlet filters in a Java web application is effective due to the minor modifications needed for input validation, and servlet filters are not centralized in nature
- Input validation in servlets is through multipart encoded content by handling multipart requests
- Modern frameworks facilitate providing input validation in the application itself
- A servlet can be configured on an application if it does not require multipart requests, where automatic multipart requests should be disabled
- Application should rely only on one of defense.
Question 7
Question
Which is not a member of the InputStream superclass in the java.io package?
Answers
- ByteArrayInputStream
- FileInputStream
- FilterInputStream
- InputStream
- ObjectInput
Question 8
Question
Select the correct statement about Reader Class:
Answers
- Writer class is the base class of all the java IO Writer APIs
- Subclasses include PrintWriter, BufferedWriter, etc
- Subclasses include PushbackReader, BufferedReader, etc
- Subclasses include StreamReader, PrintReader, etc
Question 9
Question
To prevent exposure of buffers used by untrusted code:
Answers
- getbuffercopy()
- CharBuffer.wrap(data_array)
- CharBuffer.wrap(data_array).asReadOnlyBuffer()
- BufferedInputStream(system.input_strm)
Question 10
Question
Indicate which of the following statements is not a baseline for designing secured software:
Answers
- Reduce the number of persons when granting high privileges
- Use only trusted interfaces to reduce the exposure of the data passed between software and its environment
- Avoid having multiple subjects sharing mechanisms to grant access to a resource
- Reduce the amount of time one holds onto its privileges