ECCouncil 312-96 Certified Application Security Engineer (CASE) JAVA Exam Practice Test

Page: 1 / 5
Total 47 questions

Certified Application Security Engineer (CASE) JAVA Questions and Answers

Question 1

Which of the following relationships is used to describe a security use case scenario?

Options:

A. Threatens Relationship

B. Extend Relationship

C. Mitigates Relationship

D. Include Relationship

Question 2

Ted is an application security engineer who ensures application security activities are followed during the entire lifecycle of the project. One day, he was analyzing various user interactions depicted in the use cases of a project under inception. Based on the use case in hand, he started depicting the scenarios where an attacker could misuse the application. Can you identify the activity on which Ted is working?

Options:

A. Ted was depicting abuse cases

B. Ted was depicting abstract use cases

C. Ted was depicting lower-level use cases

D. Ted was depicting security use cases

Question 3

Oliver, a Server Administrator (Tomcat), has set the configuration in the web.xml file as shown in the following screenshot. What is he trying to achieve?

Options:

A. He wants to transfer the entire data over encrypted channel

B. He wants to transfer only response parameter data over encrypted channel

C. He wants to transfer only request parameter data over encrypted channel

D. He wants to transfer only Session cookies over encrypted channel

Question 4

Identify the type of attack depicted in the figure below:

Options:

A. XSS

B. Cross-Site Request Forgery (CSRF) attack

C. SQL injection attack

D. Denial-of-Service attack

Question 5

Jacob, a Security Engineer of the testing team, was inspecting the source code to find security vulnerabilities.

Which type of security assessment activity is Jacob currently performing?

Options:

A. ISCST

B. CAST

C. CAST

D. SAST

Question 6

It is recommended that you should not use return, break, continue or throw statements in _________

Options:

A. Finally block

B. Try-With-Resources block

C. Try block

D. Catch block

Question 7

Identify the type of encryption depicted in the following figure.

Options:

A. Asymmetric Encryption

B. Digital Signature

C. Symmetric Encryption

D. Hashing

Question 8

To enable the struts validator on an application, which configuration setting should be applied in the struts validator configuration file?

Options:

A. validate="true"

B. lsNotvalidate="disabled"

C. lsNotvalidate="false"

D. validate="enabled"

Question 9

Identify the type of attack depicted in the following figure.

Options:

A. Denial-of-service attack

B. SQL Injection attack

C. Directory Traversal Attack

D. Form Tampering Attack

Question 10

Which of the following elements in web.xml file ensures that cookies will be transmitted over an encrypted channel?

Options:

A. <connector lsSSLEnabled="Yes" />

B. <connector EnableSSL="true" />

C. <connector SSLEnabled="false" />

D. <connector SSLEnabled="true" />

Question 11

Oliver is a web server admin and wants to configure the Tomcat server so that it does not serve index pages in the absence of welcome files. Which of the following settings in CATALINA_HOME/conf/web.xml will solve his problem?

Options:

A.
<servlet>
  <servlet-name>default</servlet-name>
  <servlet-class>org.apache.catalina.servlets.DefaultServlet</servlet-class>
  <init-param><param-name>debug</param-name><param-value>0</param-value></init-param>
  <init-param><param-name>listings</param-name><param-value>false</param-value></init-param>
  <load-on-startup>1</load-on-startup>
</servlet>

B.
<servlet>
  <servlet-name>default</servlet-name>
  <servlet-class>org.apache.catalina.servlets.DefaultServlet</servlet-class>
  <init-param><param-name>debug</param-name><param-value>0</param-value></init-param>
  <init-param><param-name>listings</param-name><param-value>disable</param-value></init-param>
  <load-on-startup>1</load-on-startup>
</servlet>

C.
<servlet>
  <servlet-name>default</servlet-name>
  <servlet-class>org.apache.catalina.servlets.DefaultServlet</servlet-class>
  <init-param><param-name>debug</param-name><param-value>0</param-value></init-param>
  <init-param><param-name>listings</param-name><param-value>enable</param-value></init-param>
  <load-on-startup>1</load-on-startup>
</servlet>

D.
<servlet>
  <servlet-name>default</servlet-name>
  <servlet-class>org.apache.catalina.servlets.DefaultServlet</servlet-class>
  <init-param><param-name>debug</param-name><param-value>0</param-value></init-param>
  <init-param><param-name>listings</param-name><param-value>true</param-value></init-param>
  <load-on-startup>1</load-on-startup>
</servlet>

Question 12

A developer has written the following line of code to handle and maintain the session in the application. What did he do in the below scenario?

Options:

A. Maintained session by creating a Session variable user with value stored in uname variable.

B. Maintained session by creating an HTTP variable user with value stored in uname variable.

C. Maintained session by creating a Cookie user with value stored in uname variable.

D. Maintained session by creating a hidden variable user with value stored in uname variable.

Question 13

Which of the following DFD components is used to represent the change in privilege levels?

Options:

A. 3

B. 4

C. 1

D. 2

Question 14

Which of the following configuration settings in server.xml will allow a Tomcat server administrator to impose a limit on uploaded files based on their size?

Options:

A. <connector ... maxFileLimit="file size" />

B. <connector ... maxPostSize="0" />

C. <connector ... maxFileSize="file size" />

D. <connector ... maxPostSize="file size" />
