Explore all topics
Start Free Trial
Need Help? Contact us
back arrowfull exam logo
search
ai logoChat with AI
Servicesarrow
Discoverarrow

Topics

Explore all topics
Discover more topics

Exam 9: Secure Programming With Perl

arrow
Exam 1: Introduction to Security Concepts42 Questionsadd course
Exam 2: Software Engineering and Security42 Questionsadd course
Exam 3: Essential Public Key Infrastructure42 Questionsadd course
Exam 4: Trust and Threat Model42 Questionsadd course
Exam 5: Java Programming Security42 Questionsadd course
Exam 6: Java Api-Level Security Features42 Questionsadd course
Exam 7: Authentication and Authorization With Java42 Questionsadd course
Exam 8: Secure Programming With C and Openssl42 Questionsadd course
Exam 9: Secure Programming With Perl42 Questionsadd course
Exam 10: Identity Management42 Questionsadd course
Exam 11: Security Topics42 Questionsadd course
Select questions type
  • Essay
  • Multiple Choice
  • Short Answer
  • True False
  • Matching
  • Select Tags
search iconSearch Question
flashcardsStudy Flashcards
Select questions type
  • Essay
  • Multiple Choice
  • Short Answer
  • True False
  • Matching
  • Select Tags

How can you untaint Perl variables?

(Essay)
4.8/5
(34)
Question 21

____ is a set of Perl modules that provide a simple and consistent Application Programming Interface (API) to the World Wide Web.

(Multiple Choice)
4.7/5
(43)
Question 22

What are the steps followed by a communication in LWP?

(Essay)
4.9/5
(41)
Question 23

Perl's ____ allows developers program security even when running extra privileges such as setuid or setgid programs.

(Multiple Choice)
4.8/5
(40)
Question 24

What are the operator-access restrictions when Perl is in safe mode?

(Essay)
4.9/5
(39)
Question 25

____ is an algorithm based on a random permutation using a variable key-size stream cipher with byte-oriented operations.

(Multiple Choice)
4.7/5
(33)
Question 26

Many programming languages can be used for building CGI, but the most common one is ____________________.

(Short Answer)
4.9/5
(36)
Question 27

In Perl, the ternary conditional operator "____" is an exception to the principle of "one tainted value taints the whole expression."

(Multiple Choice)
4.7/5
(34)
Question 28

____ is a search engine for the distributions, modules, documentation, and IDs on CPAN.

(Multiple Choice)
4.9/5
(34)
Question 29

____ provides internal data checking for developers to catch malicious data coming into the program.

(Multiple Choice)
4.8/5
(44)
Question 30

Briefly describe race conditions in file access.

(Essay)
4.9/5
(31)
Question 31

Briefly describe the Perl's crypt() function.

(Essay)
4.7/5
(25)
Question 32
Match each item with a statement below:
Premises:
Responses:
considered a Perl extension to OpenSSL's X.509 API and implements most of OpenSSL's useful X.509 API
CPAN
environment variable that can be used by a Perl program
CGI
a collection of specific restrictions in Perl that helps developers to write safer scripts by forcing them to think more carefully about how data is used within the script
LWP
Correct Answer:
Verified
Premises:
Responses:
considered a Perl extension to OpenSSL's X.509 API and implements most of OpenSSL's useful X.509 API
CPAN
environment variable that can be used by a Perl program
CGI
a collection of specific restrictions in Perl that helps developers to write safer scripts by forcing them to think more carefully about how data is used within the script
LWP
also referred to as the "libwww-perl" collection
Crypt::OpenSSL::X509
mostly used to allow users to run binary executables with temporarily elevated privileges in order to perform specific tasks
Crypt::OpenSSL::RSA
a central Web repository for Perl modules and extensions
RC4
provides an interface to the RSA key-generation, signing, and verification functions in OpenSSL
setuid
a specification for exchanging information between a Web server and an application program
Taint mode
a stream cipher designed by Ron Rivest for RSA Data Security
PATH
(Matching)
4.9/5
(36)
Question 33

Communication in LWP follows hypertext transfer protocol (HTTP) and is ____.

(Multiple Choice)
4.8/5
(46)
Question 34

Once a variable is tainted, Perl will allow you to use it in a system() , exec() , piped open, eval() , backtick , or unlink command.

(True/False)
4.7/5
(41)
Question 35

How can you test whether a variable that contains tainted data will trigger an "Insecure dependency" message?

(Essay)
4.8/5
(26)
Question 36

You can enable taint mode explicitly by using the command line flag ____.

(Multiple Choice)
5.0/5
(47)
Question 37

In Perl, ____ provides a "sandbox" environment that compiles and executes code in restricted compartments.

(Multiple Choice)
4.9/5
(41)
Question 38

____ is a general-purpose scripting language that is widely used to implement common gateway interface (CGI).

(Multiple Choice)
4.9/5
(37)
Question 39

The safe module operation ____ permits only the provided list of operators to be used when compiling code in the compartment.

(Multiple Choice)
4.8/5
(34)
Question 40
Showing 21 - 40 of 42
close modal

Filters

  • Essay(0)
  • Multiple Choice(0)
  • Short Answer(0)
  • True False(0)
  • Matching(0)