Question14Max. score: 1.00Lack of input validation in an application can leed to _________.A) Cross Site ScriptingB) Command injectionC) None of the aboveD) Both A and BReset Answer

Question13Max. score: 2.00Which of these statement is False?Validate all input coming from HTTP headers, users and databaseValidate all input coming from HTTP headers and databaseValidate all input coming from administratorsNone of the aboveReset Answer

Question93Max. score: 1.00In which attack, application accepts input and allow these inputs to enter a database, shell command or operating system making the application susceptibleXXESecurity misconfigurationSensitive data exposureInjection

Question11Max. score: 2.00What would you implement to avoid SQL Injection?Prepared statements or parameterized queries, input validationEffective error handlingStop using a databaseProper access controlReset Answer

Question2Max. score: 2.00Injection vulnerabilities arises due to ___________.Using parameterized queriesSQL being used in the applicationUntrusted data is sent to an interpreter as part of a commandUsing blacklisting instead of whitelistingReset Answer

Determine the best validation control for each input: Username (compulsory):Answer 1Display a summary of all of the validation errors on the page:Answer 2Re-type password:Answer 3United States postal code:Answer 4Number of tickets (maximum 20):Answer 5Odd number only: