Official (ISC)² CSSLP - Domain 4: Secure
Software Implementation - Coding Exam
Questions With 100% Verified Answers
A software vulnerability that is often introduced through ancillary
authentication functions such as logout, password management,
timeout, remember me, secret question, and account update. This
vulnerability helps attackers gain control of the session of the
application. -
correct answer ✅Broken authentication
The name to which equivalent forms of a name resolve. -
correct answer ✅Canonical name
Multiple (alternate) representations of a name. -
correct answer ✅Canonicalization
A software attack that tricks the victim into loading a page that
contains a malicious request. The attacker inherits the identity and
privileges of the victim to perform an undesired function on the
victim's behalf, such as changing the victim's email address, home
address, or password, or purchasing something. -
correct answer ✅Cross-site request forgery
A software vulnerability that refers to data from one site interacting
with data from another site by injecting client-side JavaScript or
VBScript into a page. -
correct answer ✅Cross-site scripting
The ability of code to switch easily from insecure algorithms to
more secure and approved ones, because the code is constructed to
be agnostic of the algorithm that provides cryptographic operations
such as encryption, decryption, and hashing. -
correct answer ✅Cryptographic agility
A vulnerability database of the most dangerous programming
errors. -
correct answer ✅CWE/SANS Top 25 list
A set of hardware and software technologies that perform
additional checks on memory to help prevent malicious code from
running on a system. -
correct answer ✅Data Execution Prevention
XSS that occurs via DOM manipulation on the client. -
correct answer ✅DOM-based XSS