312-96試験無料問題集（49題）「ECCouncil Certified Application Security Engineer (CASE) JAVA 認定」

出題：1

Alice, a security engineer, was performing security testing on the application. He found that users can view the website structure and file names. As per the standard security practices, this can pose a serious security risk as attackers can access hidden script files in your directory. Which of the following will mitigate the above security risk?

A. < int-param > < param-name>directory-listinqs < param-value>true < /init-param >

B. < int-param > < param-name>listinqs < param-value>false < /init-param >

C. < int param > < param-name>directorv-listinqs < param-value>false < /init-param >

D. < int-param > < param-name>listinqs < param-value>true < /init-param

正解：B 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：2

It is recommended that you should not use return, break, continue or throw statements in _________

A. Catch block

B. Try-With-Resources block

C. Try block

D. Finally block

正解：D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：3

To enable the struts validator on an application, which configuration setting should be applied in the struts validator configuration file?

A. lsNotvalidate="false"

B. validate="enabled"

C. valid ate-'true"

D. lsNotvalidate="disabled"

正解：C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：4

Identify the formula for calculating the risk during threat modeling.

A. RISK = PROBABILITY * DAMAGE POTENTIAL

B. IRISK = PROBABILITY * VULNERABILITY

C. RISK = PROBABILITY " ASSETS

D. RISK = PROBABILITY "Attack

正解：A 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：5

Alice, a Server Administrator (Tomcat), wants to ensure that Tomcat can be shut down only by the user who owns the Tomcat process. Select the appropriate setting of the CATALINA_HOME/conf in server.xml that will enable him to do so.

A. < server port="8080" shutdown="SHUTDOWN" >

B. < server port="-1" shutdown-*" >

C. < server port="" shutdown-"' >

D. < server port="-1" shutdown="SHUTDOWN" >

正解：D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

312-96試験無料問題集「ECCouncil Certified Application Security Engineer (CASE) JAVA 認定」