Certified Application Security Engineer (CASE) - JAVA

Here you have the best ECCouncil 312-96 practice exam questions

You have 49 total questions to study from
Each page has 5 questions, making a total of 10 pages
You can navigate through the pages using the buttons at the bottom
This questions were last updated on December 30, 2025
This site is not affiliated with or endorsed by ECCouncil.

Question 1 of 49

Sam, an application security engineer working in INFRA INC., was conducting a secure code review on an application developed in Java. He found that the developer has used a piece of code as shown in the following screenshot. Identify the security mistakes that the developer has coded?
Exam 312-96: Question 1 - Image 1

He is attempting to use client-side validation

He is attempting to use whitelist input validation approach

He is attempting to use regular expression for validation

He is attempting to use blacklist input validation approach

Correct Answer: D

Question 2 of 49

Identify the type of attack depicted in the following figure.
Exam 312-96: Question 2 - Image 1

SQL Injection Attacks

Session Fixation Attack

Parameter Tampering Attack

Denial-of-Service Attack

Correct Answer: C

Question 3 of 49

According to secure logging practices, programmers should ensure that logging processes are not disrupted by:

Catching incorrect exceptions

Multiple catching of incorrect exceptions

Re-throwing incorrect exceptions

Throwing incorrect exceptions

Correct Answer: D

Question 4 of 49

Which of the threat classification model is used to classify threats during threat modeling process?

RED

STRIDE

DREAD

SMART

Correct Answer: B

Question 5 of 49

Which line of the following example of Java Code can make application vulnerable to a session attack?
Exam 312-96: Question 5 - Image 1

Line No. 1

Line No. 3

Line No. 4

Line No. 5

Correct Answer: B