nerdexam
ExamsCAS-001Questions#274
CompTIA

CAS-001 · Question #274

CAS-001 Question #274: Real Exam Question with Answer & Explanation

The correct answer is C: Input validation. Application security libraries and frameworks provide reusable security functions - including input validation, secure logging, and encryption/decryption - that developers integrate directly into their applications.

Question

Which of the following are security components provided by an application security library or framework? (Select THREE).

Options

  • AAuthorization database
  • BFault injection
  • CInput validation
  • DSecure logging
  • EDirectory services
  • FEncryption and decryption

Explanation

Application security libraries and frameworks provide reusable security functions - including input validation, secure logging, and encryption/decryption - that developers integrate directly into their applications.

Common mistakes.

  • A. An authorization database is a separate data store or directory service that a framework may query, not a component built into the library itself.
  • B. Fault injection is a testing and resilience-evaluation methodology, not a security service component that a framework provides at runtime.
  • E. Directory services such as LDAP or Active Directory are independent infrastructure systems, not functions bundled into an application security library.

Concept tested. Application security framework security components

Reference. https://owasp.org/www-project-enterprise-security-api/

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full CAS-001 Practice