Hello friends. In this post we are going to discuss Secure Programming Practices multiple-choice (objective-type) questions and the TCS Fresco Play milestone answers.
Q1. Which of the following is true about improper error handling?
Answer: All the above options
Q2. Exception Handling refers to:
Answer: All the above options
Q3. Which of the following is not an appropriate method to make an authentication mechanism secure?
Answer: Providing default access.
Q4. When valuable information has to be transmitted as part of a client request, which of the following modes should be used?
Answer: POST method with a suitable encryption mechanism
Q5. Which of the following methods can be used by the client and server to validate user input?
Answer: E) A) and B)
Q6. Which of the following is not recommended to secure web applications against authenticated users?
Answer: Client-side data validation
Q7. There are various HTTP authentication mechanisms to authenticate a user. In which of the following authentication schemes are login credentials sent to the web server in clear text?
Answer: Basic
Q8. A race condition in a web server can cause which of the following?
Answer: E) Both A) and C)
Q9. What is the purpose of Audit Trail and Logging?
Answer: All the above options
Q10. Which of the following is not an authentication method?
Answer: Cookie-based
Q11. Temporary files created by applications can expose confidential data if:
Answer: File permissions are not set appropriately
Q12. Which of the following are secure programming guidelines?
Answer: E) A), B) and C)
Q13. To improve the overall quality of web applications, developers should abide by which of the following rules?
Answer: Clean and validate all user input
Q14. Setting the cookie flag to which of the following modes is a good programming practice?
Answer: Secure
Q15. Security checks can be enforced at compile time by:
Answer: E) A) and C)
Q16. Which of the following is a security advantage of managed code over unmanaged code?
Answer: Size of the attack surface
Q17. Secure practices for access control include which of the following?
Answer: All
Q18. Which of the following is not an authorization type?
Answer: User Access Control
Q19. Which of the following are secure programming guidelines?
Answer: A, B & C
Q20. Which of the following is the best approach to use when providing access to an SSO application in a portal?
Answer: Role-based access control
Q21. Authentication and session management are security concerns of which of the following programming languages?
Answer: All
Q22. From an application security perspective, why should a CAPTCHA be used in a web application?
Answer: To prevent scripted attacks
Q23. Temporary files created by applications can expose confidential data if:
Answer: File permissions are not set appropriately
Q24. Securing a database application with username/password access control should be considered sufficient:
Answer: Only when combined with other controls
Q25. In a multi-staged login mechanism, which of the following regarding application security should be ensured by the developer?
Answer: The application should validate the credentials supplied at each stage and the previous stages.
Q26. Identify the correct statement in the following:
Development teams need not worry about rework due to security vulnerability. High vulnerability can be ignored, and software can be released to the customer. A firewall is the best protection against application attacks.
Answer: None of the above options.
Q27. Which of the following statements is not true regarding Error Handling and Logging?
Answer: Never implement a generic error page.
Q28. Identify the correct statement in the following:
Answer: E) A and B