1. A media player that is running within a web browser is known as a(n):

a. Agent b. Mashup c. Applet

d. Script

2. The chief advantage of web-based applications is: a. Client-side software updates are unnecessary b. Built-in SSL encryption c. Ease of use d. Better security

3. Enterprise Java Bean, Distributed Common Object Model, and Java Remote Method Invocation are examples of: a. Object request brokers b. Object oriented frameworks c. Object oriented languages d. Distributed systems

4. An attacker is experimenting with an application by inserting long strings of machine language code in the applications input fields. The attacker is attempting: a. A Denial of Service attack

b. A buffer overflow attack

c. A stack smashing attack

d. Any of the above

5. A risk manager requires that his organization implement a control to prevent applica-tion attacks. The best solution is to use: a. Multitier architecture b. Code reviews c. An application vulnerability scanner d. An application firewall

6. An astute security engineer has discovered that two accomplices are communicating with each other via hidden messages within images on a blogsite. The security engineer has discovered: a. Emanations b. A side channel attack c. A covert channel d. Steganography