The is a standard for exchanging authentication and authorization information

118. The ___________________ is a standard for exchanging authentication andauthorization information between different security domains, to provide cross-organisation single sign-on.a) OpenIDb) Sign-on systemc) Security Assertion Markup Language (SAML)d) Virtual Private Database (VPD)Answer: cExplanation: The user’s password and other authentication factors are neverrevealed to the application, and the user need not register explicitly with theapplication.

119. The __________ standard is an alternative for single sign-on acrossorganizations, and has seen increasing acceptance in recent years.

View full document

120. _______________ allows a system administrator to associate a function with arelation; the function returns a predicate that must be added to any query thatuses the relation.

View full document

121 . VPD provides authorization at the level of specific tuples, or rows, of arelation, and is therefore said to be a _____________ mechanism.

View full document

122. If an attacker manages to get an application to execute an SQL query createdby the attacker, then such attacks are called asa) SQL attacksb) SQL injection attacksc) SQL usage attackd) SQL destroyer attack

Answer: bClarification: If an attacker manages to get an application to execute an SQLquery created by the attacker, then such attacks are called as SQL injectionattacks.