
CAP Certified AppSec Practitioner Exam Questions and Answers

Question 4

Which is the most effective way of input validation to prevent Cross-Site Scripting attacks?

Options:

A. Blacklisting HTML and other harmful characters
B. Whitelisting and allowing only trusted input
C. Using a Web Application Firewall (WAF)
D. Marking Cookie as HttpOnly

Question 5

The payload {{7*7}} can be used for determining which of the following vulnerabilities?

Options:

A. Server Side Template Injection (SSTI)
B. Client-Side Template Injection (CSTI)
C. Both A and B
D. None of the above

Question 6

You found the xmlrpc.php endpoint while performing a security assessment on a web application. The target application is most likely using which of the following Content Management Systems (CMS)?

Options:

A. WordPress
B. Drupal
C. Both A and B
D. None of the above

Question 7

Under the same-origin policy (SOP), a web browser permits scripts contained in a web page to access data in another web page only if both pages have the same origin. Which of the following pages are in the same origin as the URL below?

http://www.example.com/dir/page2.html

    1. http://www.example.com/dir/other.html
    2. http://www.example.com:81/dir/other.html
    3. http://www.example.com/dir/other.html
    4. http://en.example.com/dir/other.html

Options:

A. 1 Only
B. 1 and 2
C. 1, 3 and 4
D. None of the above

Question 8

An application’s forgot-password functionality is described below:

The user enters their email address and receives a message on the web page:

“If the email exists, we will email you a link to reset the password”

The user also receives an email saying:

“Please use the link below to create a new password:”

(Note that the developer has included a one-time random token alongside the ‘userId’ parameter in the link.) So the link looks like:

https://example.com/reset_password?userId=5298&token=70e7803e-bf53-45e1-8a3f-fb15da7de3a0

Will this mechanism prevent an attacker from resetting arbitrary users’ passwords?

Options:

A. True
B. False

Question 9

Which of the following security attributes ensures that the browser only sends the cookie over a TLS (encrypted) channel?

Options:

A. Secure
B. HttpOnly
C. No_XSS
D. None of the above

Question 10

Which of the following is NOT an asymmetric key encryption algorithm?

Options:

A. AES
B. RSA
C. Diffie-Hellman
D. DSA

Question 11

If end-user input is not validated or sanitized, an application built with which of the following languages or frameworks might be prone to an Insecure Deserialization vulnerability?

Options:

A. .NET
B. Java
C. PHP
D. All of the above

Question 12

Which of the following attributes is NOT used to secure the cookie?

Options:

A. HttpOnly
B. Secure
C. Restrict
D. Same-Site

Question 13

After purchasing an item on an e-commerce website, a user can view his order details by visiting the URL:

https://example.com/order_id=53870

A security researcher pointed out that by manipulating the order_id value in the URL, a user can view arbitrary orders and sensitive information associated with that order_id.

Which of the following is correct?

Options:

A. The root cause of the problem is a lack of input validation and by implementing a strong whitelisting, the problem can be solved
B. The root cause of the problem is a weak authorization (Session Management) and by validating a user's privileges, the issue can be fixed
C. The problem can be solved by implementing a Web Application Firewall (WAF)
D. None of the above

Question 14

In the screenshot below, an attacker is attempting to exploit which vulnerability?

Request:

    POST /dashboard/userdata HTTP/1.1
    Host: example.com
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) Firefox/107.0
    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
    Accept-Language: en-GB,en;q=0.5
    Accept-Encoding: gzip, deflate
    Upgrade-Insecure-Requests: 1
    Sec-Fetch-Dest: document
    Sec-Fetch-Mode: navigate
    Sec-Fetch-Site: none
    Sec-Fetch-User: ?1
    Cookie: JSESSIONID=7576572ce167b5634ie646de967c759643d53031
    Te: trailers
    Connection: keep-alive
    Content-Type: application/x-www-form-urlencoded
    Content-Length: 36

    useragent=http://127.0.0.1/admin


Response:

    HTTP/1.1 200 OK
    Date: Fri, 09 Dec 2022 11:42:27 GMT
    Content-Type: text/html; charset=UTF-8
    Content-Length: 12746
    Connection: keep-alive
    X-Xss-Protection: 1; mode=block
    X-Content-Type-Options: nosniff
    X-Request-ID: 65403d71e8745d5e1fe205f44d531
    Content-Length: 12746

    <html>
    <head>
    <meta charset="utf-8">
    <meta name="viewport" content="width=device-width, initial-scale=1">
    <title>Admin Panel</title>

Options:

A. HTTP Desync Attack
B. File Path Traversal Attack
C. Open URL Redirection
D. Server-Side Request Forgery

Question 15

In the context of the following JWT, which of the following statements is true?

eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJUYW1I1joiU2vjbB3ZiNo_mn0vNWT4G1-ATqOTmo7rm70VI12WCdkMI_S1_bPg_G8

Options:

A. eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9 represents a JWT Signature.
B. mn0vNWT4G1-ATqOTmo7rm70VI12WCdkMI_S1_bPg_G8 represents a JWT Signature.
C. eyJUYW1I1joiU2vjbB3ZiNo represents a JWT Signature.
D. None of the above.

Question 16

In the context of NoSQL injection, which of the following is correct?

Statement A: NoSQL databases provide looser consistency restrictions than traditional SQL databases. By requiring fewer relational constraints and consistency checks, NoSQL databases often offer performance and scaling benefits. Yet these databases are still potentially vulnerable to injection attacks, even if they aren’t using the traditional SQL syntax.

Statement B: NoSQL database calls are written in the application’s programming language, a custom API call, or formatted according to a common convention (such as XML, JSON, LINQ, etc).

Options:

A. A is true, and B is false
B. A is false, and B is true
C. Both A and B are false
D. Both A and B are true

Question 17

Based on the screenshot below, which of the following is the most accurate?

Screenshot (login form):

    Username field: coder@viewer
    Error message: User does not exist
    [Password field]
    Forget password?
    [Login button]
    Not yet member? Sign now

Options:

A. The application is vulnerable to username enumeration
B. The application is vulnerable to brute-force attacks
C. The application does not enforce a strong password policy
D. None of the above

Question 18

Your application includes JavaScript from a third-party website, as shown in the snippet below.

<script src="https://cdn.thirdparty-example.com/example.js" integrity="sha384-Fmb0CYeA6gM2uLuyvqs7x75u0mktDh2nKLomp3PHkJ0b5vJF2qF6Gbrc/6dK" crossorigin="anonymous"></script>

Which of the following is true regarding the code snippet?

Options:

A. The code snippet will perform validations for Cross-Site Scripting attacks
B. The code snippet will perform validations for Cross-Site Request Forgery attacks
C. The code snippet will perform Subresource Integrity (SRI) checks
D. The code snippet will perform validations for Outdated JavaScript checks

Exam Code: CAP
Exam Name: Certified AppSec Practitioner Exam
Last Update: Apr 2, 2025
Questions: 60
