最新的ECCouncil Certified Application Security Engineer (CASE) JAVA - 312-96免費考試真題
問題1
In which phase of secure development lifecycle the threat modeling is performed?
正確答案: D
說明:(僅 VCESoft 成員可見)
問題2
Identify what should NOT be catched while handling exceptions.
正確答案: A
說明:(僅 VCESoft 成員可見)
問題3
According to secure logging practices, programmers should ensure that logging processes are not disrupted by:
正確答案: A
說明:(僅 VCESoft 成員可見)
問題4
Identify the formula for calculating the risk during threat modeling.
正確答案: A
說明:(僅 VCESoft 成員可見)
問題5
A
US-based ecommerce company has developed their website www.ec-sell.com to sell their products online.
The website has a feature that allows their customer to search products based on the price. Recently, a bug bounty has discovered a security flaw in the Search page of the website, where he could see all products from the database table when he altered the website URL http://www.ec-sell.com/products.jsp?val=100 to
http://www.ec-sell.com/products.jsp?val=200 OR
'1'='1 -. The product.jsp page is vulnerable to
US-based ecommerce company has developed their website www.ec-sell.com to sell their products online.
The website has a feature that allows their customer to search products based on the price. Recently, a bug bounty has discovered a security flaw in the Search page of the website, where he could see all products from the database table when he altered the website URL http://www.ec-sell.com/products.jsp?val=100 to
http://www.ec-sell.com/products.jsp?val=200 OR
'1'='1 -. The product.jsp page is vulnerable to
正確答案: B
說明:(僅 VCESoft 成員可見)

