After significant vulnerabilities and misconfigurations were found in numerous production web applications, a security manager identified the need to implement better development controls.
Which of the following controls should be verified? (Select two).
A. Input validation routines are enforced on the server side.
B. Operating systems do not permit null sessions.
C. Systems administrators receive application security training.
D. VPN connections are terminated after a defined period of time.
E. Error-handling logic fails securely.
F. OCSP calls are handled effectively.
How to PASS CAS-004 in First Attempt?FULL Printable PDF and Software. VALID exam to help you PASS. |
 |
I agree with A and E:
B. deals with OS
C. deals with sysadmin training
D. deals with VPN
F. deals with certificate protocol
Only A and E address coding vulnerabilities and misconfigurations.