1. Question: Which of the following crypto functions in PHP returns the longest hash value?

    A
    md5()

    B
    sha1()

    C
    crc32()

    D
    All return same length hash

  2. Question: When attempting to prevent a cross-site scripting attack, which of the following is most important?

    A
    Not writing JavaScript on the fly using PHP

    B
    Filtering Output used in form data

    C

    D

    E

  3. Question: Which of the following php.ini directives should be disabled to improve the outward security of your application?

    A
    safe_mode

    B

    C

    D
    display_errors

    E
    allow_url_fopen

  4. Question: Which of the following list of potential data sources should be considered trusted?

    A

    B
    $_ENV

    C

    D
    $_COOKIE

    E

  5. Question: What is the best way to ensure the distinction between filtered / trusted and unfiltered / untrusted data?

    A

    B
    Never trust any data from the user

    C
    Enable built-in security features such as magic_quotes_gpc and safe_mode

    D
    Always filter all incoming data

    E
    Use PHP 5's tainted mode

  6. Question: Consider the following code:

    <?php
    session_start();

    if (!empty($_REQUEST['id'])
        && !empty($_REQUEST['quantity'])) {
        $id = scrub_id($_REQUEST['id']);
        $quantity = scrub_quantity($_REQUEST['quantity']);
        $_SESSION['cart'][] = array('id' => $id,
                                    'quantity' => $quantity);
    }

    /* .... */

    ?>
    What potential security hole would this code snippet produce?

    A
    Cross-Site Scripting Attack

    B
    There is no security hole in this code

    C
    Code Injection

    D
    SQL Injection

    E
    Choose 1 answer

  7. Question: What is the best measure one can take to prevent a cross-site request forgery?

    A
    Disallow requests from outside hosts

    B

    C
    Turn off allow_url_fopen in php.ini

    D

    E
    Filter all input

  8. Question: Consider the following code:

    <?php
    header("Location: {$_GET['url']}");
    ?>
    Which of the following values of $_GET['url'] would cause session fixation?

    A

    B

    C

    D
    Set-Cookie%3A+PHPSESSID%611234

    E

  9. Question: When implementing a permissions system for your Web site, what should always be done with regard to the session?

    A
    None

    B

    C
    Sessions should be cleared of all data and re-populated

    D
    The session key should be regenerated

    E

  10. Question: A fingerprint of a string can be determined using which of the following?

    A
    md5()

    B

    C

    D

    E
    biomatrix()
