Q 1. When validating the fix for a CSRF vulnerability, which of the below specification of anti-csrf token would you consider to be weak?
Q 2. When an application needs to use the authentication based on database tables, among the below combination of algorithms (for hashing & salt generator), which is the secure way to store the hashed passwords in the database?
Q 3. “Mytrip” travel website has planned to launch a chat functionality in their application for customers to chat with the support executive. As a security expert, what will be your recommendation to implement a secure way of communication?