Yii is a high-performance, open-source PHP framework renowned for its efficiency and versatility in web application development. Launched in 2008, Yii (pronounced "yee") has gained a strong following among developers worldwide. It boasts a robust set of features, including a powerful extension system, seamless integration of third-party libraries, and comprehensive tools for handling security and scalability. With its emphasis on clean, maintainable code and rapid development, Yii is an excellent choice for building web applications of varying complexities, from simple websites to intricate enterprise solutions.
Show All Answers
Practice Test
131. What is the purpose of Yii's CFilter class in terms of security best practices?
A. To filter and sanitize input data
B. To manage database connections
C. To handle user authentication
D. To display error messages
Show Answer
Report This Question
Answer: To filter and sanitize input data
132. Which Yii security feature helps protect against SQL injection attacks by escaping user input?
A. CHtml::encode()
B. CActiveRecord methods
C. CHttpRequest methods
D. CGridView methods
Show Answer
Report This Question
Answer: CActiveRecord methods
133. What is the recommended approach for securing sensitive data in configuration files within a Yii application?
A. Storing sensitive data outside of the web root directory
B. Encrypting sensitive data
C. Using plain text for simplicity
D. Publishing configuration files in public directories
Show Answer
Report This Question
Answer: Storing sensitive data outside of the web root directory
134. How can you enable content security policy (CSP) headers in a Yii application to mitigate XSS attacks?
A. By configuring the CController class
B. By disabling JavaScript entirely
C. By including JavaScript libraries
D. By editing the Yii core source code
Show Answer
Report This Question
Answer: By configuring the CController class
135. What is the purpose of Yii's CSecurityManager class in relation to security best practices?
A. To provide secure random number generation
B. To manage user sessions
C. To handle database queries
D. To render HTML templates
Show Answer
Report This Question
Answer: To provide secure random number generation
136. Yii provides built-in support for what type of encryption to secure sensitive data, such as passwords?
A. Bcrypt
B. MD5
C. SHA-256
D. Base64
Show Answer
Report This Question
Answer: Bcrypt
137. Which Yii component is used for input validation and sanitization, helping to prevent common security issues?
A. CValidator
B. CActiveRecord methods
C. CException
D. CHttpSession
Show Answer
Report This Question
Answer: CValidator
138. What is the purpose of Yii's CSecurity class in the context of security best practices?
A. To provide methods for secure hashing
B. To handle user authentication
C. To render HTML templates
D. To manage database connections
Show Answer
Report This Question
Answer: To provide methods for secure hashing
139. What is Yii's recommended way to include a JavaScript file from an external source in a Yii view?
A. Yii::app()->clientScript->registerScriptFile()
B. Yii::app()->clientScript->registerScript()
C. Yii::app()->clientScript->registerCoreScript()
D. Yii::app()->clientScript->registerCssFile()
Show Answer
Report This Question
Answer: Yii::app()->clientScript->registerScriptFile()
140. In Yii, what is the purpose of asset bundles?
A. Minify CSS and JavaScript files
B. Organize and manage CSS and JavaScript files
C. Define database tables
D. Execute database queries
Show Answer
Report This Question
Answer: Organize and manage CSS and JavaScript files
