Question 1

In a Reactive Web application, when dealing with user inputs, what is a recommended strategy for preventing injection attacks, such as SQL injection?

Options :

A : Injection attacks are not relevant in Reactive Web applications.

B : Perform input validation only on the client side.

C : Implement server-side parameterized queries to prevent injection attacks.

D : Sanitize inputs using the default browser security mechanisms.

Answer: C

Question 2

In OutSystems, what is a potential risk associated with user input fields, and how can developers mitigate this risk?

Options :

A : User input fields are inherently secure and do not pose any risk.

B : mproper handling of user input may lead to Injection attacks, and developers should implement input validation and parameterized queries.

C : Input validation is not necessary in OutSystems due to its robust security features.

D : User inputs are automatically sanitized by the platform, eliminating the risk.

Answer: B

Question 3

According to OutSystems documentation, what is the recommended approach for preventing SQL injection vulnerabilities in server-side logic?

Options :

A : Utilize client-side validation exclusively.

B : Implement parameterized queries and use built-in SQL injection protection functions.

C : Rely on the platform-s automatic SQL injection prevention.

D : Disable server-side validation for improved performance.

Answer: B

Question 4

In a multi-server deployment of an OutSystems application, what consideration should be taken into account when configuring secure session cookies?

Options :

A : The platform automatically handles session cookies in multi-server environments.

B : Each server manages its own session cookies independently.

C : Disable secure session cookies for better load balancing.

D : Use a shared session cookie across all servers for consistency.

Answer: D

Question 5

If a developer suggests using a component from the Forge in an anonymous screen, what security risk should be carefully considered?

Options :

A : The component may expose vulnerabilities that can be exploited by malicious users.

B : Anonymous screens have elevated security privileges, minimizing potential risks.

C : No security risk, as anonymous screens do not interact with sensitive data

D : Components from the Forge are inherently secure and pose no threats.

Answer: A