Page: 3
Unit-5 : Web Application Security
Q5. Given the security constraint in a DD: 101. <security-constraint> 102. <web-resource-collection> 103. <web-resource-name>Foo</web-resource-name> 104. <url-pattern>/Bar/Baz/*</url-pattern> 105. <http-method>POST</http-method> 106. </web-resource-collection> 107. <auth-constraint> 108. <role-name>DEVELOPER</role-name> 109. </auth-constraint> 110. </security-constraint> And given that "MANAGER" is a valid role-name, which four are true for this security constraint?(Choose four.) A. MANAGER can do a GET on resources in the /Bar/Baz directory. B. MANAGER can do a POST on any resource in the /Bar/Baz directory. C. MANAGER can do a TRACE on any resource in the /Bar/Baz directory. D. DEVELOPER can do a GET on resources in the /Bar/Baz directory. E. DEVELOPER can do only a POST on resources in the /Bar/Baz directory. F. DEVELOPER can do a TRACE on any resource in the /Bar/Baz directory. Answer: A, C, D, F Q6. Given the security constraint in a DD: 101. <security-constraint> 102. <web-resource-collection> 103. <web-resource-name>Foo</web-resource-name> 104. <url-pattern>/Bar/Baz/*</url-pattern> 105. <http-method>POST</http-method> 106. </web-resource-collection> 107. <auth-constraint> 108. <role-name>DEVELOPER</role-name> 109. </auth-constraint> 110. </security-constraint> And given that "MANAGER" is a valid role-name, which four are true for this security constraint?(Choose four.) A. MANAGER can do a GET on resources in the /Bar/Baz directory. B. MANAGER can do a POST on any resource in the /Bar/Baz directory. C. MANAGER can do a TRACE on any resource in the /Bar/Baz directory. D. DEVELOPER can do a GET on resources in the /Bar/Baz directory. E. DEVELOPER can do only a POST on resources in the /Bar/Baz directory. F. DEVELOPER can do a TRACE on any resource in the /Bar/Baz directory. Answer: A, C, D, F Q7. Which activity supports the data integrity requirements of an application? A. using HTTPS as a protocol B. using an LDAP security realm C. using HTTP Basic authentication D. using forms-based authentication Answer: A
Page: 3
1
2
3
4
5
6
7
8
9
10
|