Increase your chances of passing the The SecOps Group Certified-AppSec-Practitioner exam questions on your first try. Practice with our free online Certified-AppSec-Practitioner exam mock test designed to help you prepare effectively and confidently.
Under the same-origin policy (also SOP), a web browser permits scripts contained in a web page to access data in another web page, but only if both web pages have the same origin. Which of the following pages are in the same origin as that of the below URL?
http://www.example.com/dir/page2.html
http://www.example.com/dir/other.html
http://www.example.com:81/dir/other.html
http://www.example.com/dir/other.html
http://en.example.com/dir/other.html
Which of the following security attributes ensures that the browser only sends the cookie over a TLS (encrypted) channel?
Based on the below request/response, which of the following statements is true?
Send
GET
/dashboard.php?purl=http://attacker.com HTTP/1.1
Host: example.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) Firefox/107.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-GB,en;q=0.5
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
Cookie: JSESSIONID=38RB5ECV10785B53AF29816E92E2E50
Te: trailers
Connection: keep-alive
PrettyRaw | Hex | php | curl | ln | Pretty
HTTP/1.1 302 Found 2022-12-03 17:38:18 GMT
Date: Sat, 03 Dec 2022 17:38:18 GMT
Server: Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips PHP/8.0.25
X-Powered-By: PHP/8.0.25
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
Location:
http://attacker.com
Set-Cookie: JSESSIONID=38C5ECV10785B53AF29816E92E2E50; Path=/; HttpOnly
Scan the code below and identify the vulnerability which is the most applicable for this scenario.
Based on the screenshot below, which of the following statements is true?
Request
GET /userProfile.php?sessionId=7576572ce164646de967c759643d53031 HTTP/1.1
Host: example.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) Firefox/107.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-GB,en;q=0.5
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
Cookie: JSESSIONID=7576572ce164646de967c759643d53031
Te: trailers
Connection: keep-alive
PrettyRaw | Hex | php | curl | ln | Pretty
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 11:42:27 GMT
Server: Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips PHP/8.0.25
X-Powered-By: PHP/8.0.25
Content-Length: 12746
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
Set-Cookie: JSESSIONID=7576572ce164646de967c759643d53031; Path=/; HttpOnly
© Copyrights FreeMockExams 2026. All Rights Reserved
We use cookies to ensure that we give you the best experience on our website (FreeMockExams). If you continue without changing your settings, we'll assume that you are happy to receive all cookies on the FreeMockExams.
Full Access to 60 Questions