2nd

1. This could lead to: all the above
2. Enabling HTTPS untrusted data: false
3. Untrusted data: all the options correct
4. Sanitizing untrusted data: true
5. Cross-site scripting: enables an attacker to inject code
6. String containing untrusted data: an attacker can insert additional malicious SQL
7. SQL injection attack: using parameterized statements
8. Buffer overflow attack: except (using the strcpy function to ensure)
9. Files are uploaded into your application: except (file does not contain JavaScript)
10. JSON data: JSON is a subset.
11. Input to an application: all the correct options
12. ASTA: essential part of your testing
13. Fiddler tool: viewing and manipulating requests and responses
14. Data validation: except (software version checking)
15. Handling untrusted data: some untrusted data must never be used.

------------

3rd

1. HTTP is state: except (through the use of CAPTCHAs)
2. Authenticated session: except (submit)
3. Correct statement: session token, session identifiers (client sends it with each request, client sends a reference with each request)
4. Security and cookies: for HTTP requests, cookies to secure
5. HTTP: except (HTTP only does not, all the above)
6. Correct statement: all the above
7. HP IT security: except (management policy)
8. HP IT security governance: (session was first established)
9. HMDC: except CRL
10. Software developed security standard: minimum