Explanation: The Crockford’s subset does not include the with and continue statements or the eval() function. It defines functions using function definition expressions only and does not include the function definition statement.
a) It uses bitwise checking
b) It uses === and !== instead
c) It uses equals() and notequals() instead
d) It uses equalto()
Explanation: The subset does not include the comma operator, the bitwise operators, or the ++ and — operators. It also disallows == and != because of the type conversion they perform, requiring use of === and !== instead.
3. What is being imposed on each subset to ensure that it conforms to the subset?
a) A parser to parse the code
b) A parser that parses and adds to the subset
c) A static verifier that parses code
d) A predefined function to parse the code
Explanation: Each subset is coupled with a static verifier that parses code to ensure that it conforms to the subset.
a) To improve programmer flexibility
b) To balance the workload of the programmer
c) To create an in-built compiler and interpreter
d) To improve programmer productivity
b) The Good Parts
c) Both Sandbox and Good Parts
d) Web browser
a) Highly memory consuming
b) Functions should access the global objects
c) Functions should not access the global objects
d) Very inefficient to use
Explanation: The this keyword is forbidden or restricted because functions (in non-strict mode) can access the global object through this. Preventing access to the global object is one of the key purposes of any sandboxing system.
7. Which are the two functions that are not allowed in any secure subset?
a) evaluate() and restrict()
b) eval() and the Function() constructor
c) debugger() and test()
d) eval() and debugger()
Explanation: eval() and the Function() constructor are not allowed in any secure subset because they allow the execution of arbitrary strings of code, and these strings cannot be statically analyzed.
8. Which is the object that defines methods that allow complete control over page content?
a) The client-side document object
b) The server-side document object
c) Both client-side and server-side document object
d) Web document object
Explanation: A web page is divided into two object documents in which one is client-side document object and the other is server-side document object. The client-side document object defines methods that allow complete control over page content
9. Which was one of the first security subsets proposed?
Explanation: ADsafe was one of the first security subsets proposed) It was created by Douglas Crockford (who also defined The Good Parts subset).ADsafe relies on static verification only, and it uses JSLint as its verifier. It forbids access to most global variables and defines an ADSAFE variable that provides access to a secure API, including special-purpose DOM methods. ADsafe is not in wide use, but it was an influential proof-of-concept that influenced other secure subsets.
10. Which is the subset that transforms web content into secure modules that can be safely hosted on a web page?
a) Microsoft Web Sandbox