
1.

JWT tokens are prone to XSS attacks.

Answer»

JWT tokens are prone to XSS attacks.
Please choose the correct options from below list
(1)TRUE
(2)FALSE

Answer:-(1)TRUE

2.

What is principal authentication?

Answer»

What is principal authentication?
Choose the correct answer from below options
(1)C) A person, computer, printer, device, or a group of these. For example, a person can be given a user ID as an identifier, which can then be used by a system to authenticate the user.
(2)B) An entity that can be authenticated by a system by using the identifier associated with that entity.
(3)B) and C)
(4)A) An authentication mechanism in which a user enters a principal value during authentication.
(5)All the above options

Answer:-(3)B) and C)

3.

Which of the following types of attack is prevented by multi-factor authentication?

Answer»

Which of the following types of attack is prevented by multi-factor authentication?
Please choose the correct options from below list
(1)Stolen credential re-use
(2)Brute force
(3)Automated
(4)All the above options
(5)Credential stuffing

Answer:-(4)All the above options

4.

Home Realm Discovery behavior provided by Azure Active Directory enables credentials to be stored in a corporate AD.

Answer»

Home Realm Discovery behavior provided by Azure Active Directory enables credentials to be stored in a corporate AD.
Please choose the correct options from below list
(1)FALSE
(2)TRUE

Answer:-(2)TRUE

5.

What is "OAuth"?

Answer»

What is "OAuth"?
Please choose the correct options from below list
(1)Authentication with an "O".
(2)An open standard that allows users to share personal resources stored on a site with another site, without having to share their credentials.
(3)An open standard that allows users to securely share their credentials, typically username and password with other websites or entities.
(4)None of the above options

Answer:-(2)An open standard that allows users to share personal resources stored on a site with another site, without having to share their credentials.

6.

Is an application required to generate a new session after authentication?

Answer»

Is an application required to generate a new session after authentication?
Choose the correct answer from below options
(1)Required
(2)Not required
(3)Mandatory if the application is deployed on multiple application servers.

Answer:-(1)Required

7.

What is SAML?

Answer»

What is SAML?
Choose the correct answer from below options
(1)B) Security And Markup Language
(2)D) A secure SSO specification from Microsoft.
(3)C) An open standard to securely exchange authentication/identity and authorization information between an identity provider and a service provider. An SAML token is based on XML.
(4)A) Security Assertion Markup Language
(5)A) and C)

Answer:-(5)A) and C)

8.

Authorization can be done only after completing the identification and authentication process.

Answer»

Authorization can be done only after completing the identification and authentication process.
Choose the correct answer from below options
(1)TRUE
(2)FALSE

Answer:-(1)TRUE

9.

The processes of identification and authentication are the same.

Answer»

The processes of identification and authentication are the same.
Please choose the correct options from below list
(1)TRUE
(2)FALSE

Answer:-(2)FALSE

10.

The SameSite cookie attribute helps to prevent?

Answer»

The SameSite cookie attribute helps to prevent?
Please choose the correct options from below list
(1)SQL injection
(2)XSS
(3)Server misconfiguration issues
(4)Cross-origin information leakage

Answer:-(4)Cross-origin information leakage

11.

A JWT can be stored at which of the following locations?

Answer»

A JWT can be stored at which of the following locations?
Please choose the correct options from below list
(1)sessionStorage
(2)localStorage
(3)serverStorage
(4)localStorage and sessionStorage

Answer:-(4)localStorage and sessionStorage

12.

What is "SiteMinder Web Access Management"?

Answer»

What is "SiteMinder Web Access Management"?
Please choose the correct options from below list
(1)All the above options
(2)A product by CA Technologies to ensure cross-browser compatibility and accessibility of web applications.
(3)A product by CA Technologies which has cross-platform SSO, and other web access management capabilities like centralized authentication, authorization policy enforcement, etc.
(4)A product by CA Technologies used to access web sites without the need of a web browser.

Answer:-(3)A product by CA Technologies which has cross-platform SSO, and other web access management capabilities like centralized authentication, authorization policy enforcement, etc.

13.

What is federated SSO?

Answer»

What is federated SSO?
Please choose the correct options from below list
(1)A mechanism that provides an SSO token that can be trusted for identity assertion by multiple entities across multiple identity management systems.
(2)SSO across federal states of a nation.
(3)None of the above options

Answer:-(1)A mechanism that provides an SSO token that can be trusted for identity assertion by multiple entities across multiple identity management systems.

14.

In a typical "Web SSO" scenario, a secure, transient HTTP cookie can be used to exchange an SSO token between an "identity provider" and a "service provider".

Answer»

In a typical "Web SSO" scenario, a secure, transient HTTP cookie can be used to exchange an SSO token between an "identity provider" and a "service provider".
State true or false?
Please choose the correct options from below list
(1)TRUE
(2)FALSE

Answer:-(1)TRUE

15.

____________ refers to the validity of a claimed identity.

Answer»

____________ refers to the validity of a claimed identity.
Please choose the correct options from below list
(1)Authorization
(2)Identification
(3)Authentication

Answer:-(3)Authentication

16.

In the stateless JWT authentication method, user sessions are not stored at server side.

Answer»

In the stateless JWT authentication method, user sessions are not stored at server side.
Please choose the correct options from below list
(1)TRUE
(2)FALSE

Answer:-(1)TRUE

17.

Which of the following are protocols used for SSO?

Answer»

Which of the following are protocols used for SSO?
Please choose the correct options from below list
(1)Kerberos
(2)OpenID
(3)SAML
(4)OAuth
(5)All the above options

Answer:-(5)All the above options

18.

Is it okay to share a session ID via a URL?

Answer»

Is it okay to share a session ID via a URL?
Please choose the correct options from below list
(1)Yes, sharing a session ID is okay, as it is going only to the intended user.
(2)Yes, if the application is performing URL redirecting.
(3)An application must not share a session ID via a URL.

Answer:-(3)An application must not share a session ID via a URL.

19.

A JWT contains which of the following?

Answer»

A JWT contains which of the following?
Please choose the correct options from below list
(1)header, signature, and footer delimited by
(2)header, footer, and signature delimited by
(3)header, payload, and signature delimited by

Answer:-(3)header, payload, and signature delimited by

20.

Which of the following methods is the best one to save a password?

Answer»

Which of the following methods is the best one to save a password?
Please choose the correct options from below list
(1)Hashed
(2)Salted hash
(3)Encrypted
(4)Plain text

Answer:-(2)Salted hash