New Year Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: cramtick70

312-96 Certified Application Security Engineer (CASE) JAVA Questions and Answers

Questions 4

In which phase of secure development lifecycle the threat modeling is performed?

Options:

A.

Coding phase

B.

Testing phase

C.

Deployment phase

D.

Design phase

Buy Now
Questions 5

Which of the following method will help you check if DEBUG level is enabled?

Options:

A.

isDebugEnabled()

B.

EnableDebug ()

C.

IsEnableDebug ()

D.

DebugEnabled()

Buy Now
Questions 6

Which of the following relationship is used to describe abuse case scenarios?

Options:

A.

Include Relationship

B.

Threatens Relationship

C.

Extend Relationship

D.

Mitigates Relationship

Buy Now
Questions 7

Which of the following configuration settings in server.xml will allow Tomcat server administrator to impose limit on uploading file based on their size?

Options:

A.

< connector... maxFileLimit="file size" / >

B.

< connector... maxPostSize="0"/>

C.

< connector... maxFileSize="file size" / >

D.

< connector... maxPostSize="file size" / >

Buy Now
Questions 8

Which of the following method will you use in place of ex.printStackTrace() method to avoid printing stack trace on error?

Options:

A.

ex.StackTrace.getError();

B.

ex.message();

C.

ex.getMessage();

D.

ex.getError();

Buy Now
Questions 9

James is a Java developer working INFR INC. He has written Java code to open a file, read it line by line and display its content in the text editor. He wants to ensure that any unhandled exception raised by the code should automatically close the opened file stream. Which of the following exception handling block should he use for the above purpose?

Options:

A.

Try-Catch-Finally block

B.

Try-Catch block

C.

Try-With-Resources block

D.

Try-Catch-Resources block

Buy Now
Questions 10

Identify the formula for calculating the risk during threat modeling.

Options:

A.

RISK = PROBABILITY "Attack

B.

RISK = PROBABILITY " ASSETS

C.

RISK = PROBABILITY * DAMAGE POTENTIAL

D.

IRISK = PROBABILITY * VULNERABILITY

Buy Now
Questions 11

Jacob, a Security Engineer of the testing team, was inspecting the source code to find security vulnerabilities.

Which type of security assessment activity Jacob is currently performing?

Options:

A.

ISCST

B.

CAST

C.

CAST

D.

SAST

Buy Now
Questions 12

Which line of the following example of Java Code can make application vulnerable to a session attack?

Options:

A.

Line No. 1

B.

Line No. 3

C.

Line No. 4

D.

Line No. 5

Buy Now
Questions 13

Alice works as a Java developer in Fygo software Services Ltd. He is given the responsibility to design a bookstore website for one of their clients. This website is supposed to store articles in .pdf format. Alice is advised by his superior to design ArticlesList.jsp page in such a way that it should display a list of all the articles in one page and should send a selected filename as a query string to redirect users to articledetails.jsp page.

Alice wrote the following code on page load to read the file name.

String myfilename = request.getParameter("filename");

String txtFileNameVariable = myfilename;

String locationVariable = request.getServletContext().getRealPath("/");

String PathVariable = "";

PathVariable = locationVariable + txtFileNameVariable;

BufferedInputStream bufferedInputStream = null;

Path filepath = Paths.get(PathVariable);

After reviewing this code, his superior pointed out the security mistake in the code and instructed him not repeat the same in future. Can you point the type of vulnerability that may exist in the above code?

Options:

A.

URL Tampering vulnerability

B.

Form Tampering vulnerability

C.

XSS vulnerability

D.

Directory Traversal vulnerability

Buy Now
Questions 14

Which of the following elements in web.xml file ensures that cookies will be transmitted over an encrypted channel?

Options:

A.

< connector lsSSLEnabled="Yes" / >

B.

< connector EnableSSL="true" / >

C.

< connector SSLEnabled="false" / >

D.

< connector SSLEnabled="true" / >

Buy Now
Exam Code: 312-96
Exam Name: Certified Application Security Engineer (CASE) JAVA
Last Update: Dec 25, 2024
Questions: 47
312-96 pdf

312-96 PDF

$25.5  $84.99
312-96 Engine

312-96 Testing Engine

$30  $99.99
312-96 PDF + Engine

312-96 PDF + Testing Engine

$40.5  $134.99