exam questions

Exam CSSLP All Questions

View all questions & answers for the CSSLP exam

Exam CSSLP topic 2 question 43 discussion

Actual exam question from ISC's CSSLP
Question #: 43
Topic #: 2
[All CSSLP Questions]

Which of the following provides an easy way to programmers for writing lower-risk applications and retrofitting security into an existing application?

  • A. Watermarking
  • B. Code obfuscation
  • C. Encryption wrapper
  • D. ESAPI
Show Suggested Answer Hide Answer
Suggested Answer: an existing application. It offers a solid foundation for new development. Answer: C is incorrect. An encryption wrapper is a device that encrypts and decrypts the 🗳️
ESAPI (Enterprise Security API) is a group of classes that encapsulate the key security operations, needed by most of the applications. It is a free, open source, Web application security control library. ESAPI provides an easy way to programmers for writing lower-risk applications and retrofitting security into incorrect. Watermarking is the irreversible process of embedding information into a digital media. The purpose of digital watermarks is to provide copyright protection for intellectual property that is in digital form.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
74gjd_37
5 months, 2 weeks ago
Selected Answer: D
The correct answer is D. ESAPI (Enterprise Security API) provides an easy way for programmers to write lower-risk applications and retrofit security into an existing application. It provides a set of customizable functions, including input validation, output encoding, authentication, access control and encryption that can be easily integrated into any web-based application. Code obfuscation and watermarking are techniques used for protecting software from intellectual property theft but do not directly contribute to security features. Encryption wrappers are used to encrypt data instead of securing the application code itself.
upvoted 1 times
74gjd_37
5 months, 2 weeks ago
ESAPI (Enterprise Security API) is an open-source project that was originally developed by OWASP (Open Web Application Security Project), a non-profit organization focused on improving software security. The development of ESAPI continues to be supported by volunteer contributions from the community. ESAPI libraries can be downloaded from the official OWASP GitHub repository or through various package managers, such as Maven and NuGet. ESAPI is distributed under the Apache Software License 2.0, which means it's free for commercial and non-commercial use with very few restrictions. This license grants users several rights including the ability to modify and distribute code without disclosing any proprietary information. However, users must include attribution notices within their applications if they use parts of the library in their own software products
upvoted 1 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
Loading ...
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago