Garantie de satisfaction à 100% Disponible immédiatement après paiement En ligne et en PDF Tu n'es attaché à rien
logo-home
Recherché précédemment par vous
Recherché précédemment par vous
logo
WGU D385 Software Security and Testing Exam 2024 New Latest Updated Version with All Questions and 100% Correct Answers €21,58
Ajouter au panier
Accédez rapidement à
Aperçu
  2.  
  3. WGU D385 Software Security And Testing
  4.  
  5. WGU D385 Software Security and Testing

Examen

WGU D385 Software Security and Testing Exam 2024 New Latest Updated Version with All Questions and 100% Correct Answers

1 vérifier
 3 fois vendu
  • Cours
  • WGU D385 Software Security and Testing
  • Établissement
  • WGU D385 Software Security And Testing

WGU D385 Software Security and Testing Exam 2024 New Latest Updated Version with All Questions and 100% Correct Answers

Aperçu 4 sur 37  pages

Infos sur le Document

  • 3 mars 2024
  • 37
  • 2023/2024
  • Examen
  • Questions et réponses

Sujets

  • wgu d385
  • wgu d385 software security and testing exam 2024
  • wgu d385 software security and testing exam
  • software security and testing exam 2024
  • d385 software security and testing exam

École, étude et sujet

  • WGU D385 Software Security and Testing
  • WGU D385 Software Security and Testing

1  vérifier

review-writer-avatar

Par: cmcgi22 • 3 mois de cela

Vendeur

avatar-seller
johnwachi22

Avis reçus

Aperçu du contenu

WGU D 385 So ftware Security and Testing Exam 2024 New Latest Updated Version w ith All Questions and 100% C orrect Answers What is CORS? --------- Correct Answer ---------- CORS (cross origin resource sharing) is a way to relax the browsers SOP (same origin policy - ensures certain resources are accessible only to documents with the same origin) What is the difference between the intentions of CORS and CSRF resistance? --------- Correct Answer ---------- The purpose of CSRF (cross site request forgery) resistance is to reject unintentional malicious requests for the sake of safety. The purpose of CORS is accept intentional requests for feature functionality.. relaxes the SOP. Which security vulnerability is shown? A. Man -in-the-middle B. Cross -site scripting C. Denial of service D. Code injection --------- Correct Answer --------- A. Man -in-the-middle Consider the following assertion statement: def authorizeAdmin(usr): assert isinstance(usr, list) and usr != [], "No user found" assert 'admin' in usr, "No admin found." print("You are granted full access to the application.") If __name__ == '__main__': authorizeAdmin(['user']) What should be the response after running the code? A. AssertionError: No admin found B. AssertionError: No user found C. Authorized User D. You are granted full access to the application --------- Correct Answer --------- A. AssertionError: No admin found A security analyst has noticed a vulnerability in which an attacker took over multiple users' accounts. Which vulnerability did the security analyst encounter? A. Broken access control B. Broken function level authorization C. API mass assignment D. Privilege escalation --------- Correct Answer --------- A. Broken access control Which method is used for a SQL injection attack? ---------- Correct Answer ---------- - exploiting query parameters What does cross -origin resource sharing (CORS) allow users to do? ---------- Correct Answer ---------- - Override same starting policy for specific resources Which protocol caches a token after it has been acquired? ---------- Correct Answer ------
---- - MSAL When creating a new user, an administrator must submit the following fields to an API endpoint: Name Email Address Password IsAdmin What is the best way to ensure the API is protected against privilege escalation? A. Implement resource and field -level access control B. Ensure incoming requests are rate limited C. Remove IsAdmin from the endpoint D. Encrypt the incoming request --------- Correct Answer --------- A. Implement resource and field -level access control Which method is used for a SQL injection attack? A. Exploiting query parameters B. Passing safe query parameters C. Using SQL composition D. Utilizing literal parameters --------- Correct Answer --------- A. Exploiting query parameters What does cross -origin resource sharing (CORS) allow users to do? A. Override same starting policy for specific resources B. Connect web security models C. Prevent the passing of credentials D. Protect the client header from exposure --------- Correct Answer --------- A. Override same starting policy for specific resources Which protocol caches a token after it has been acquired? A. MSAL B. Auth0 C. LDAP D. ACL --------- Correct Answer --------- A. MSAL Consider the following API code snippet: import requests url = 'https://website.com/' # Get request result = requests.get(url) # Print request print(result.content.decode()) Which status code will the server return? A. 403 B. 200 C. 401 D. 400 --------- Correct Answer --------- A. 403 The user submits the following request to an API endpoint that requires a header: import requests url = 'https://api.github.com/invalid' try: request_response = requests.get(url) # If the response was successful, no Exception will be raised request_response.raise_for_status() except Exception as err: print(f'Other error occurred: {err}') else: print('Success!') Which response code will the user most likely be presented with? A. 404—"Not found" B. 200—"OK" C. 400—"Bad request" D. 401—"Unauthorized" --------- Correct Answer --------- A. 404—"Not found" What is the primary defense against log injection attacks? A. Sanitize outbound log messages B. Do not use parameterized stored procedures in the database C. Allow all users to write to these logs D. Use API calls to log actions --------- Correct Answer --------- A. Sanitize outbound log messages An attacker exploits a cross -site scripting vulnerability. What is the attacker able to do? A. Access the user's data B. Execute a shell command or script C. Discover other users' credentials D. Gain access to sensitive files on the server --------- Correct Answer --------- A. Access the user's data Which Python function is prone to a potential code injection attack? A. eval() B. type() C. print() D. append() --------- Correct Answer --------- A. eval() What are two common defensive coding techniques? A. Check functional preconditions and postconditions B. Encrypt passwords and email submissions C. Adjust length and encoding of messages D. Develop code with exceptions to find errors --------- Correct Answer --------- A. Check functional preconditions and postconditions Which package is meant for internal use by Python for regression testing? A. test B. regress test C. doctest D. assert --------- Correct Answer --------- A. test A security analyst is reviewing code for improper input validation. Which type of input validation does this code show? isValidNumber = False while not isValidNumber: try: pickedNumber = int(input('Pick a number from 1 to 10')) if pickedNumber >= 1 and pickedNumber <= 10: isValidNumber = True except: print('You must enter a valid number from 1 to 10') print('You picked the number ' + str(pickedNumber))

Les avantages d'acheter des résumés chez Stuvia:

Qualité garantie par les avis des clients

Qualité garantie par les avis des clients

Les clients de Stuvia ont évalués plus de 700 000 résumés. C'est comme ça que vous savez que vous achetez les meilleurs documents.

L’achat facile et rapide

L’achat facile et rapide

Vous pouvez payer rapidement avec iDeal, carte de crédit ou Stuvia-crédit pour les résumés. Il n'y a pas d'adhésion nécessaire.

Focus sur l’essentiel

Focus sur l’essentiel

Vos camarades écrivent eux-mêmes les notes d’étude, c’est pourquoi les documents sont toujours fiables et à jour. Cela garantit que vous arrivez rapidement au coeur du matériel.

Foire aux questions

Qu'est-ce que j'obtiens en achetant ce document ?

Vous obtenez un PDF, disponible immédiatement après votre achat. Le document acheté est accessible à tout moment, n'importe où et indéfiniment via votre profil.

Garantie de remboursement : comment ça marche ?

Notre garantie de satisfaction garantit que vous trouverez toujours un document d'étude qui vous convient. Vous remplissez un formulaire et notre équipe du service client s'occupe du reste.

Auprès de qui est-ce que j'achète ce résumé ?

Stuvia est une place de marché. Alors, vous n'achetez donc pas ce document chez nous, mais auprès du vendeur johnwachi22. Stuvia facilite les paiements au vendeur.

Est-ce que j'aurai un abonnement?

Non, vous n'achetez ce résumé que pour €21,58. Vous n'êtes lié à rien après votre achat.

Peut-on faire confiance à Stuvia ?

4.6 étoiles sur Google & Trustpilot (+1000 avis)

68175 résumés ont été vendus ces 30 derniers jours

Fondée en 2010, la référence pour acheter des résumés depuis déjà 15 ans

Commencez à vendre!
€21,58  3x  vendu
  • (1)
Ajouter au panier
Ajouté