
312-96 Exam Dumps - Certified Application Security Engineer (CASE) JAVA

Question # 9

Which of the following Spring Security Framework configuration settings will ensure protection from session fixation attacks by not allowing an authenticated user to log in again?

A.

session-fixation-protection="newSessionID"

B.

session-fixation-protection =".

C.

session-fixation-protection="enabled"

D.

session-fixation-protection =".

Question # 10

Which of the following risk assessment models is used to rate the threat-based risk to the application during the threat modeling process?

A.

DREAD

B.

SMART

C.

STRIDE

D.

RED

Question # 11

Which of the following configuration settings in server.xml will allow a Tomcat server administrator to impose a limit on uploaded files based on their size?

A.

<connector... maxFileLimit="file size" />

B.

<connector... maxPostSize="0" />

C.

<connector... maxFileSize="file size" />

D.

<connector... maxPostSize="file size" />

Question # 12

Identify the type of attack depicted in the following figure.

A.

SQL Injection Attacks

B.

Session Fixation Attack

C.

Parameter Tampering Attack

D.

Denial-of-Service Attack

Question # 13

A US-based ecommerce company has developed its website www.ec-sell.com to sell its products online. The website has a feature that allows customers to search for products based on price. Recently, a bug bounty hunter discovered a security flaw in the Search page of the website, where he could see all products from the database table when he altered the website URL http://www.ec-sell.com/products.jsp?val=100 to http://www.ec-sell.com/products.jsp?val=200 OR '1'='1 -. The product.jsp page is vulnerable to

A.

Session Hijacking attack

B.

Cross Site Request Forgery attack

C.

SQL Injection attack

D.

Brute force attack

Question # 14

On a certain website, a secure login feature is designed to prevent brute-force attacks by implementing an account lockout mechanism. The account is automatically locked after five failed attempts. This feature does not allow users to log in to the website until their account is unlocked. However, there is a possibility that this security feature can be abused to perform a __________ attack.

A.

Failure to Restrict URL

B.

Broken Authentication

C.

Unvalidated Redirects and Forwards

D.

Denial-of-Service [Do
