Blog Archives

Preventing XSS attacks in Java

Cross Site Scripting (XSS) is one of the most common security problems in today’s web applications, and the second most common is the SQL injection attack. Both account for ~ 70% to 80% of the security threats of which XSS attacks are accountable for ~ 50% to 60%. Q1. What…...

Members Only Content

This content is for the members with any one of the following paid subscriptions:

30-Day-Java-JEE-Career-Training, 90-Day-Java-JEE-Career-Training, 180-Day-Java-JEE-Career-Training, 365-Day-Java-JEE-Career-Training, 60-Day-Java-JEE-Career-Training and 2-Year-Java-JEE-Career-Training Feel free to evaluate the quality of the contents Free FAQs | HomeTry Log In | Register
Posted in member-paid, Security

Injection attack prevention Q&A

Q1. What are the different types of injection security vulnerabilities? A1. SQL Injection, Log Injection, HTTP Response Splitting, XPath Query injection, and LDAP injection. Q2. What is an SQL injection vulnerability, and how will you go about preventing it? A2. SQL injection attack is a security threat where the database…...

Members Only Content

This content is for the members with any one of the following paid subscriptions:

30-Day-Java-JEE-Career-Training, 90-Day-Java-JEE-Career-Training, 180-Day-Java-JEE-Career-Training, 365-Day-Java-JEE-Career-Training, 60-Day-Java-JEE-Career-Training and 2-Year-Java-JEE-Career-Training Feel free to evaluate the quality of the contents Free FAQs | HomeTry Log In | Register
Posted in member-paid, Security

Session Hijacking prevention Questions & Answers

Q1. Does the following code pose any security risk? if yes, how will you fix it?

A1. The above code is a security risk. Never store sensitive data in a cookie. Instead, save it in the session on the server side, and store the session id in the cookie.…...

Members Only Content

This content is for the members with any one of the following paid subscriptions:

30-Day-Java-JEE-Career-Training, 90-Day-Java-JEE-Career-Training, 180-Day-Java-JEE-Career-Training, 365-Day-Java-JEE-Career-Training, 60-Day-Java-JEE-Career-Training and 2-Year-Java-JEE-Career-Training Feel free to evaluate the quality of the contents Free FAQs | HomeTry Log In | Register
Posted in member-paid, Security

Debugging java.security.cert.CertificateException: Certificates do not conform to algorithm constraints

Why? You may have a certificate with SHA1RSA key size less than 1024 bits or you have a certificate in your chain that uses MD2RSA. Explanation? MD2 was widely recognized as insecure and thus disabled in Java in version JDK 7 onwards. If you check the “java.security” file under “$JAVA_HOME/jre/lib/security”,

Read more ›

Posted in Java Debugging, Security

Encryption and Decryption interview Q&A

Q1. What do you understand by the terms encryption and decryption? A1. Encryption is the process of converting clear data (e.g. database password, credit card number, etc) to incomprehensible cyberyext like “š£”Œz_fÓe©ˆ»[” by applying mathematical transformations. These transformations are known as encryption algorithms and require an encryption key.

Decryption…...

Members Only Content

This content is for the members with any one of the following paid subscriptions:

30-Day-Java-JEE-Career-Training, 90-Day-Java-JEE-Career-Training, 180-Day-Java-JEE-Career-Training, 365-Day-Java-JEE-Career-Training, 60-Day-Java-JEE-Career-Training and 2-Year-Java-JEE-Career-Training Feel free to evaluate the quality of the contents Free FAQs | HomeTry Log In | Register
Posted in member-paid, Security

HTTP Basic Authentication Interview Q&A for Java developers & architects

Q1. What do you understand by the term “HTTP Basic Authentication”? A1. HTTP Basic authentication is the simplest “access controls” technique for web resources like RESTful web service call. It doesn’t require cookies, session identifier and login pages. You need to pass just username and password to the resource. If…...

Members Only Content

This content is for the members with any one of the following paid subscriptions:

30-Day-Java-JEE-Career-Training, 90-Day-Java-JEE-Career-Training, 180-Day-Java-JEE-Career-Training, 365-Day-Java-JEE-Career-Training, 60-Day-Java-JEE-Career-Training and 2-Year-Java-JEE-Career-Training Feel free to evaluate the quality of the contents Free FAQs | HomeTry Log In | Register
Posted in member-paid, Security

SSL in Java with Keytool to generate public-private key pair

Step 1: Create public-private key pair: Using keytool utility, which is packaged in %JAVA_HOME%/bin/keytool.exe you can create “public-private” key-pair. This means the public and private keys are mathematically related so that encrypting with one key can be decrypted with the other key, and vice versa. “RSA” is the algorithm used.

Read more ›

Posted in Security

Debugging SSL issues in Java & tools to debug

Q1. What are some of the issues you encounter with SSL handshake? A1. Some of the issues you try to debug are Presence of a valid certificate in trust store Incorrect certificate chains in the client or server truststore Invalid key algorithm used for private keys Expired certificate Incorrect passwords…...

Members Only Content

This content is for the members with any one of the following paid subscriptions:

30-Day-Java-JEE-Career-Training, 90-Day-Java-JEE-Career-Training, 180-Day-Java-JEE-Career-Training, 365-Day-Java-JEE-Career-Training, 60-Day-Java-JEE-Career-Training and 2-Year-Java-JEE-Career-Training Feel free to evaluate the quality of the contents Free FAQs | HomeTry Log In | Register
Posted in Java Debugging, member-paid, Security, Tools
Page 1 of 212

800+ Interview Q&As – ♥ Free | ♦ FAQs | Hover/Slide

open all | close all

200+ Java Interview FAQs – Quick Prep

open all | close all

16 Java Key Areas to be a top-notch

open all | close all

80+ Java Tutorials – Step by step

open all | close all

100+ Java Coding Exercises

open all | close all

How good are your

open all | close all