Eccouncil 312-96 Certified Application Security Engineer (CASE) JAVA Exam Practice Test

Page: 1 / 14
Total 47 questions
Question 1

The software developer has implemented encryption in the code as shown in the following screenshot.

However, using the DES algorithm for encryption is considered to be an insecure coding practice as DES is a weak encryption algorithm. Which of the following symmetric encryption algorithms will you suggest for strong encryption?



Answer : D


Question 2

Identify the type of attack depicted in the following figure.



Answer : C


Question 3

Which of the following configuration settings in server.xml will allow a Tomcat server administrator to impose a limit on uploaded files based on their size?



Answer : D


Question 4

The threat modeling phase where applications are decomposed and their entry points are reviewed from an attacker's perspective is known as ________



Answer : A


Question 5

On a certain website, a secure login feature is designed to prevent brute-force attacks by implementing an account lockout mechanism. The account will automatically be locked after five failed attempts. This feature will not allow the users to log in to the website until their account is unlocked. However, there is a possibility that this security feature can be abused to perform a __________ attack.



Answer : D


Question 6

Identify the type of attack depicted in the following figure.



Answer : C


Question 7

Sam, an application security engineer working in INFRA INC., was conducting a secure code review on an application developed in Java. He found that the developer has used a piece of code as shown in the following screenshot. Identify the security mistakes that the developer has coded?



Answer : D

