{"id":274,"date":"2021-01-17T05:25:56","date_gmt":"2021-01-16T17:59:29","guid":{"rendered":"https:\/\/exampracticetests.com\/ISC\/CSSLP\/secure-software-lifecycle-professional-csslp-question266\/"},"modified":"2021-01-17T05:27:20","modified_gmt":"2021-01-17T05:27:20","slug":"secure-software-lifecycle-professional-csslp-question266","status":"publish","type":"post","link":"https:\/\/exampracticetests.com\/ISC\/CSSLP\/secure-software-lifecycle-professional-csslp-question266\/","title":{"rendered":"Secure Software Lifecycle Professional &#8211; CSSLP &#8211; Question266"},"content":{"rendered":"<div class=\"question\">A number of security patterns for Web applications under the DARPA contract have been developed by Kienzle, Elder, Tyree, and Edwards-Hewitt. Which of the following patterns are applicable to aspects of authentication in Web applications?b Each correct answer represents a complete solution. Choose all that apply. <br \/><strong><br \/>A.<\/strong> Authenticated session <br \/><strong>B.<\/strong> Secure assertion <br \/><strong>C.<\/strong> Partitioned application <br \/><strong>D.<\/strong> Password authentication <br \/><strong>E.<\/strong> Account lockout <br \/><strong>F.<\/strong> Password propagation<\/div>\n<p><\/p>\n<style> .hidden-div{ display:none } <\/style>\n<p>\t\t\t\t\t\t\t<button onclick=\"getElementById('hidden-div').style.display = 'block'\"> Show Answer <\/button> <button onclick=\"getElementById('hidden-div').style.display = 'none'\">Hide Answer<\/button><\/p>\n<div class=\"hidden-div\" id=\"hidden-div\"><span style=\"\"><\/p>\n<div class=\"answer\">Correct Answer: <strong>ADEF<\/strong><\/div>\n<p><strong>Explanation:<\/strong> <\/p>\n<div class=\"explanation\">\nExplanation: The various patterns applicable to aspects of authentication in the Web applications are as follows: Account lockout: It implements a limit on the incorrect password attempts to protect an account from automated password-guessing attacks. Authenticated session: It allows a user to access more than one access-restricted Web page without re-authenticating every page. It also integrates user authentication into the basic session model. Password authentication: It provides protection against weak passwords, automated password-guessing attacks, and mishandling of passwords. Password propagation: It offers a choice by requiring that a user&#8217;s authentication credentials be verified by the database before providing access to that user&#8217;s data. Answer: B and C are incorrect. Secure assertion and partitioned application patterns are applicable to software assurance in general.<\/div>\n<p><\/strong><\/span> <\/div>\n","protected":false},"excerpt":{"rendered":"<p>A number of security patterns for Web applications under the DARPA contract have been developed by Kienzle, Elder, Tyree, and Edwards-Hewitt. Which of the following patterns are applicable to aspects of authentication in Web applications?b Each correct answer represents a complete solution. Choose all that apply. A. Authenticated session B. Secure assertion C. Partitioned application [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[353,269,3],"class_list":["post-274","post","type-post","status-publish","format-standard","hentry","category-secure-software-lifecycle-professional-csslp","tag-choices","tag-question-266","tag-secure-software-lifecycle-professional-csslp"],"_links":{"self":[{"href":"https:\/\/exampracticetests.com\/ISC\/CSSLP\/wp-json\/wp\/v2\/posts\/274","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/exampracticetests.com\/ISC\/CSSLP\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/exampracticetests.com\/ISC\/CSSLP\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/exampracticetests.com\/ISC\/CSSLP\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/exampracticetests.com\/ISC\/CSSLP\/wp-json\/wp\/v2\/comments?post=274"}],"version-history":[{"count":1,"href":"https:\/\/exampracticetests.com\/ISC\/CSSLP\/wp-json\/wp\/v2\/posts\/274\/revisions"}],"predecessor-version":[{"id":625,"href":"https:\/\/exampracticetests.com\/ISC\/CSSLP\/wp-json\/wp\/v2\/posts\/274\/revisions\/625"}],"wp:attachment":[{"href":"https:\/\/exampracticetests.com\/ISC\/CSSLP\/wp-json\/wp\/v2\/media?parent=274"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/exampracticetests.com\/ISC\/CSSLP\/wp-json\/wp\/v2\/categories?post=274"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/exampracticetests.com\/ISC\/CSSLP\/wp-json\/wp\/v2\/tags?post=274"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}