Question 126
The Open Web Application Security Project (OWASP) Top Ten is a list of web application security threats that is composed by a member-driven OWASP committee of application development experts and published approximately every 24 months.
The 2013 OWASP Top Ten list includes "cross- site scripting (XSS)."
Which of the following is not a method for reducing the risk of XSS attacks?
Question 127
Which attribute of data poses the biggest challenge for data discovery?
Question 128
When beginning an audit, both the system owner and the auditors must agree on various aspects of the final audit report.
Which of the following would NOT be something that is predefined as part of the audit agreement?
Question 129
Which characteristic of automated patching makes it attractive?
Response:
Question 130
With a federated identity system, where would a user perform their authentication when requesting services or application access?
