Which two defensive coding techniques should you use?

You are creating ASP.NET applications by using the .NET Framework 3.5.

Your company hosts a Web site. The Web site provides an online community and displays personal information of the site members. An e-mail account that is used as the user name is mandatory to register with the online community.

Only registered users of the site can view the personal information of other members.

You need to ensure that unauthorized, automated scripts or bots are not allowed to perform the following tasks:

– Register with the site.
– Access the personal information of the members.

Which two defensive coding techniques should you use? (Each correct answer presents part of the solution. Choose two.)

A.
Instruct users to create passwords that include upper and lower case letters, a minimum of one numerical digit or special character, and words that are listed in the dictionary.

B.
Send confirmation e-mail messages to all new registered users. Deny new user accounts access to the site until the user responds to the e-mail message.

C.
Implement a Completely Automated Public Turing Test to Tell Computers and Humans Apart (CAPTCHA) image control during the registration and login process.

D.
Store the IP address that was last logged on by the member. Pre-populate the login form by using the credentials of the member if the IP address is the same.

E.
Encrypt all passwords in the database by using the SHA1 hash algorithm with a random salt value.


