An office supplies web store wants to improve the security of their website. A developer suggested a number of changes.

Which of the changes would improve security?

(Select all acceptable answers.)

Everything on the site should use HTTPS instead of HTTP.
When resetting a user's password, send the user a new password instead of a password reset code.
Set an HTTP only flag on the session cookie.
Show a CAPTCHA after several failed login attempts.
Replace UUIDs in URLs with sequential IDs.
Session tokens should never expire.

Web Application Security Authorization New Public


Would you like to see our other questions?

We have 1000+ premium hand-crafted questions for 160+ job skills and 20+ coding languages. We prefer questions with small samples of actual work over academic problems or brain teasers.

Visit our question library
Private Concierge

Send us an email with an explanation of your testing needs and a list of candidates. We will create an appropriate test, invite your candidates, review their results, and send you a detailed report.

Contact Private Concierge

Would you like to see our tests? The following tests contain Web Application Security related questions:
On the TestDome Blog

Screening Applicants: The Good, the Bad and the Ugly

Since we’re all biased and we use incorrect proxies, why not just outsource hiring to experts or recruitment agencies? After all, they’ve been screening people for many years, so they must know how to do it right?

Not really. I was surprised to discover that many experts disagree with each other. Everybody praises their pet method and criticizes the others. Many of these methods look legitimate, but are based on...

Dashboard Start Trial Sign In Home Tour Tests Questions Pricing