CISSP (Chapter 10 - Software Development Security) Flashcards Preview

CISSP > CISSP (Chapter 10 - Software Development Security) > Flashcards

Flashcards in CISSP (Chapter 10 - Software Development Security) Deck (30):
1

An application is downloaded from the Internet to perform disk cleanup and to delete unnecessary temporary files. The application is also recording network login data and sending them to another party. This application is best described as which of the following?
A. A virus
B. A Trojan horse
C. A worm
D. A logic bomb

B. A Trojan horse looks like an innocent and helpful program, but in the background it is carrying out some type of malicious activity unknown to the user. The Trojan horse could be corrupting files, sending the user’s password to an attacker, or attacking another computer

2

What is the importance of inference in an expert system?
A. The knowledge base contains facts, but must also be able to combine facts to derive new information and solutions.
B. The inference machine is important to fight against multipart viruses.
C. The knowledge base must work in units to mimic neurons in the brain.
D. The access must be controlled to prevent unauthorized access.

A. The whole purpose of an expert system is to look at the data it has to work with and what the user presents to it and to come up with new or different solutions. It basically performs data-mining activities, identifies patterns and relationships the user can’t see, and provides solutions. This is the same reason you would go to a human expert. You would give her your information, and she would combine it with the information she knows and give you a solution or advice, which is not necessarily the same data you gave her

3

A system has been patched many times and has recently become infected with a dangerous virus. If antivirus software indicates that disinfecting a file may damage it, what is the correct action?
A. Disinfect the file and contact the vendor.
B. Back up the data and disinfect the file.
C. Replace the file with the file saved the day before.
D. Restore an uninfected version of the patched file from backup media.

D. Some files cannot be properly sanitized by the antivirus software without destroying them or affecting their functionality. So, the administrator must replace such a file with a known uninfected file. Plus, the administrator needs to make sure he has the patched version of the file, or else he could be introducing other problems. Answer C is not the best answer because the administrator may not know the file was clean yesterday, so just restoring yesterday’s file may put him right back in the same boat

4

What is the purpose of polyinstantiation?
A. To restrict lower-level subjects from accessing low-level information
B. To make a copy of an object and modify the attributes of the second copy
C. To create different objects that will react in different ways to the same input
D. To create different objects that will take on inheritance attributes from their class

B. Instantiation is what happens when an object is created from a class. Polyinstantiation is when more than one object is made and the other copy is modified to have different attributes. This can be done for several reasons. The example given in the chapter was a way to use polyinstantiation for security purposes to ensure that a lower-level subject could not access an object at a higher level

5

Database views provide what type of security control?
A. Detective
B. Corrective
C. Preventive
D. Administrative

C. A database view is put into place to prevent certain users from viewing specific data. This is a preventive measure, because the administrator is preventing the users from seeing data not meant for them. This is one control to prevent inference attacks.

6

Which of the following is used to deter database inference attacks?
A. Partitioning, cell suppression, and noise and perturbation
B. Controlling access to the data dictionary
C. Partitioning, cell suppression, and small query sets
D. Partitioning, noise and perturbation, and small query sets

A. Partitioning means to logically split the database into parts. Views then dictate what users can view specific parts. Cell suppression means that specific cells are not viewable by certain users. And noise and perturbation is when bogus information is inserted into the database to try to give potential attackers incorrect information

7

When should security first be addressed in a project?
A. During requirements development
B. During integration testing
C. During design specifications
D. During implementation

A. The trick to this question, and any one like it, is that security should be implemented at the first possible phase of a project. Requirements are gathered and developed at the beginning of a project, which is project initiation. The other answers are steps that follow this phase, and security should be integrated right from the beginning instead of in the middle or at the end

8

Online application systems that detect an invalid transaction should do which of the following?
A. Roll back and rewrite over original data.
B. Terminate all transactions until properly addressed.
C. Write a report to be reviewed.
D. Checkpoint each data entry.

C. This can seem like a tricky question. It is asking you if the system detected an invalid transaction, which is most likely a user error. This error should be logged so it can be reviewed. After the review, the supervisor, or whoever makes this type of decision, will decide whether or not it was a mistake and investigate it as needed. If the system had a glitch, power fluctuation, hang-up, or any other software- or hardware-related error, it would not be an invalid transaction, and in that case the system would carry out a rollback function

9

Which of the following are rows and columns within relational databases?
A. Rows and tuples
B. Attributes and rows
C. Keys and views
D. Tuples and attributes

D. In a relational database, a row is referred to as a tuple, whereas a column is referred to as an attribute.

10

Databases can record transactions in real time, which usually updates more than one database in a distributed environment. This type of complexity can introduce many integrity threats, so the database software should implement the characteristics of what’s known as the ACID test. Which of the following are incorrect characteristics of the ACID test?
i. Atomicity Divides transactions into units of work and ensures that all modifications take effect or none take effect.
ii. Consistency A transaction must follow the integrity policy developed for that particular database and ensure all data are consistent in the different databases.
iii. Isolation Transactions execute in isolation until completed, without interacting with other transactions.
iv. Durability Once the transaction is verified as inaccurate on all systems, it is committed and the databases cannot be rolled back.

A. i, ii
B. ii. iii
C. ii, iv
D. iv

D. The following are correct characteristics of the ACID test:
• Atomicity Divides transactions into units of work and ensures that all modifications take effect or none take effect. Either the changes are committed or the database is rolled back.
• Consistency A transaction must follow the integrity policy developed for that particular database and ensure all data are consistent in the different databases.
• Isolation Transactions execute in isolation until completed without interacting with other transactions. The results of the modification are not available until the transaction is completed.
• Durability Once the transaction is verified as accurate on all systems, it is committed and the databases cannot be rolled back.

11

The software development life cycle has several phases. Which of the following lists these phases in the correct order?
A. Project initiation, system design specifications, functional design analysis and planning, software development, installation/implementation, operational/maintenance, disposal
B. Project initiation, functional design analysis and planning, system design specifications, software development, installation/implementation, operational/maintenance, disposal
C. Project initiation, functional design analysis and planning, software development, system design specifications, installation/implementation, operational/maintenance, disposal
D. Project initiation, system design specifications, functional design analysis and planning, software development, operational/maintenance

B. The following outlines the common phases of the software development life cycle:
1. Project initiation
2. Functional design analysis and planning
3. System design specifications
4. Software development
5. Testing
6. Installation/implementation
7. Operational/maintenance
8. Disposal

12

John is a manager of the application development department within his company. He needs to make sure his team is carrying out all of the correct testing types and at the right times of the development stages. Which of the following have the best descriptions of the types of software testing that should be carried out?
i. Unit testing Individual component is in a controlled environment where programmers validate data structure, logic, and boundary conditions.
ii. Integration testing Verifying that components work together as outlined in design specifications.
iii. Acceptance testing Ensuring that the code meets customer requirements.
iv. Regression testing After a change to a system takes place, retesting to ensure functionality, performance, and protection.

A. i, ii
B. ii, iii
C. i, ii, iv
D. i, ii, iii, iv

D. There are different types of tests the software should go through because there are different potential flaws we will be looking for. The following are some of the most common testing approaches:
• Unit testing Individual component is in a controlled environment where programmers validate data structure, logic, and boundary conditions.
• Integration testing Verifying that components work together as outlined in design specifications.
• Acceptance testing Ensuring that the code meets customer requirements.
• Regression testing After a change to a system takes place, retesting to ensure functionality, performance, and protection.

13

Tim is a software developer for a financial institution. He develops middleware software code that carries out his company’s business logic functions. One of the applications he works with is written in the C programming language and seems to be taking up too much memory as it runs over a period of time. Which of the following best describes what Tim should implement to rid this software of this type of problem?
A. Bounds checking
B. Garbage collector
C. Parameter checking
D. Compiling

B. Garbage collection is an automated way for software to carry out part of its memory management tasks. A garbage collector identifies blocks of memory that were once allocated but are no longer in use and deallocates the blocks and marks them as free. It also gathers scattered blocks of free memory and combines them into larger blocks. It helps provide a more stable environment and does not waste precious memory. Some programming languages, such as Java, perform automatic garbage collection; others, such as C, require the developer to perform it manually, thus leaving opportunity for error.

14

Marge has to choose a software development model that her team should follow. The application that her team is responsible for developing is a critical application that can have little to no errors. Which of the following best describes the type of model her team should follow?
A. Cleanroom
B. Joint Analysis Development (JAD)
C. Rapid Application Development (RAD)
D. Reuse Model

A. The software development models and their definitions are as follows:
• Joint Analysis Development (JAD) A method that uses a team approach in application development in a workshop-oriented environment.
• Rapid Application Development (RAD) A method of determining user requirements and developing systems quickly to satisfy immediate needs.
• Reuse Model A model that approaches software development by using progressively developed models. Reusable programs are evolved by gradually modifying pre-existing prototypes to customer specifications. Since the Reuse model does not require programs to be built from scratch, it drastically reduces both development cost and time.
• Cleanroom An approach that attempts to prevent errors or mistakes by following structured and formal methods of developing and testing. This approach is used for high-quality and critical applications that will be put through a strict certification process.

15

__________ is a software testing technique that provides invalid, unexpected, or random data to the input interfaces of a program.
A. Agile testing
B. Structured testing
C. Fuzzing
D. EICAR

C. Fuzz testing or fuzzing is a software testing technique that provides invalid, unexpected, or random data to the input interfaces of a program. If the program fails (for example, by crashing or failing built-in code assertions), the defects can be noted.

16

Which of the following is the second level of the Capability Maturity Model Integration?
A. Repeatable
B. Defined
C. Managed
D. Optimizing

A. The five levels of the Capability Maturity Integration Model are:
• Initial Development process is ad hoc or even chaotic. The company does not use effective management procedures and plans. There is no assurance of consistency, and quality is unpredictable.
• Repeatable A formal management structure, change control, and quality assurance are in place. The company can properly repeat processes throughout each project. The company does not have formal process models defined.
• Defined Formal procedures are in place that outline and define processes carried out in each project. The organization has a way to allow for quantitative process improvement.
• Managed The company has formal processes in place to collect and analyze quantitative data, and metrics are defined and fed into the process-improvement program.
• Optimizing The company has budgeted and integrated plans for continuous process improvement.

17

One of the characteristics of object-oriented programming is deferred commitment. Which of the following is the best description for this characteristic?
A. Autonomous objects, cooperation through exchanges of messages.
B. The internal components of an object can be redefined without changing other parts of the system.
C. Refining classes through inheritance.
D. Object-oriented analysis, design, and modeling map to business needs and solutions.

B. The characteristics and their associated definitions are listed as follows:
• Modularity Autonomous objects, cooperation through exchanges of messages.
• Deferred commitment The internal components of an object can be redefined without changing other parts of the system.
• Reusability Other programs using the same objects.
• Naturalness Object-oriented analysis, design, and modeling map to business needs and solutions.

18

Which of the following attack type best describes what commonly takes place to overwrite a return pointer memory segment?
A. Traversal attack
B. UNICODE attack
C. URL encoding attack
D. Buffer overflow attack

D. The buffer overflow is probably the most notorious of input validation mistakes. A buffer is an area reserved by an application to store something in it, such as some user input. After the application receives the input, an instruction pointer points the application to do something with the input that’s been put in the buffer. A buffer overflow occurs when an application erroneously allows an invalid amount of input to be written into the buffer area, overwriting the instruction pointer in the code that tells the program what to do with the input. Once the instruction pointer is overwritten, whatever code has been placed in the buffer can then be executed, all under the security context of the application.

19

Which of the following has an incorrect attack to definition mapping?
A. EBJ XSS Content processing stages performed by the client, typically in client-side Java
B. Nonpersistent XSS attack Improper sanitation of response from a
web client
C. Persistent XSS attack Data provided by attackers are saved on the server
D. DOM-based XSS attack Content processing stages performed by the client, typically in client-side JavaScript

A. The nonpersistent cross-site scripting vulnerability is when the data provided by a web client, most commonly in HTTP query parameters or in HTML form submissions, are used immediately by server-side scripts to generate a page of results for that user without properly sanitizing the response. The persistent XSS vulnerability occurs when the data provided by the attacker are saved by the server and then permanently displayed on “normal” pages returned to other users in the course of regular browsing without proper HTML escaping. DOM-based vulnerabilities occur in the content processing stages performed by the client, typically in client-side JavaScript.

20

John is reviewing database products. He needs a product that can manipulate a standard set of data for his company’s business logic needs. Which of the following should the necessary product implement?
A. Relational database
B. Object-relational database
C. Network database
D. Dynamic-static

B. An object-relational database (ORD) or object-relational database management system (ORDBMS) is a relational database with a software front end that is written in an object-oriented programming language. Different companies will have different business logic that needs to be carried out on the stored data. Allowing programmers to develop this front-end software piece allows the business logic procedures to be used by requesting applications and the data within the database.

21

ActiveX Data Objects (ADO) is an API that allows applications to access back-end database systems. It is a set of ODBC interfaces that exposes the functionality of data sources through accessible objects. Which of the following are incorrect characteristics of ADO?
i. It’s a low-level data access programming interface to an underlying data access technology (such as OLE DB).
ii. It’s a set of COM objects for accessing data sources, not just database access.
iii. It allows a developer to write programs that access data without knowing how the database is implemented.
iv. SQL commands are required to access a database when using ADO.

A. i, iv
B. ii, iii
C. i, ii, iii
D. i, ii, iii, iv

A. The following are correct characteristics of ADO:
• It’s a high-level data access programming interface to an underlying data access technology (such as OLE DB).
• It’s a set of COM objects for accessing data sources, not just database access.
• It allows a developer to write programs that access data without knowing how the database is implemented.
• SQL commands are not required to access a database when using ADO.

22

Database software performs three main types of integrity services: semantic, referential, and entity. Which of the following correctly describes one of these services?
i. A semantic integrity mechanism makes sure structural and semantic rules are enforced.
ii. A database has referential integrity if all foreign keys reference existing primary keys.
iii. Entity integrity guarantees that the tuples are uniquely identified by primary key values.

A. ii
B. ii, iii
C. i, ii, iii
D. i, ii

C. A semantic integrity mechanism makes sure structural and semantic rules are enforced. These rules pertain to data types, logical values, uniqueness constraints, and operations that could adversely affect the structure of the database. A database has referential integrity if all foreign keys reference existing primary keys. There should be a mechanism in place that ensures no foreign key contains a reference to a primary key of a nonexisting record, or a null value. Entity integrity guarantees that the tuples are uniquely identified by primary key values. For the sake of entity integrity, every tuple must contain one primary key. If it does not have a primary key, it cannot be referenced by the database.

23

Which of the following is a field of study that focuses on ways of understanding and analyzing data in databases, with concentration on automation advancements?
A. Artificial intelligence
B. Knowledge discovery in databases
C. Expert system development
D. Artificial neural networking

B. Knowledge discovery in databases (KDD) is a field of study that works with metadata and attempts to put standards and conventions in place on the way that data are analyzed and interpreted. KDD is used to identify patterns and relationships between data. It is also called data mining.

24

Sandy has just started as the manager of software development at a new company. There are a few things that Sandy is finding out as she interviews her new team members that may need to be approached differently. Programmers currently develop software code and upload it to a centralized server for backup purposes. The server software does not have versioning control capability, so sometimes the end software product contains outdated code elements. She has also discovered that many in-house business software packages follow the Common Object Request Broker Architecture, which does not necessarily allow for easy reuse of distributed web services available throughout the network. One of the team members has combined several open API functionalities within a business-oriented software package.

Which of the following is the best technology for Sandy’s team to implement as it pertains to the previous scenario?
A. Computer-aided software engineering tools
B. Software configuration management
C. Software development life-cycle management
D. Software engineering best practices

B. Software Configuration Management (SCM) identifies the attributes of software at various points in time, and performs a methodical control of changes for the purpose of maintaining software integrity and traceability throughout the software development life cycle. It defines the need to track changes and provides the ability to verify that the final delivered software has all of the approved changes that are supposed to be included in the release.

25

Sandy has just started as the manager of software development at a new company. There are a few things that Sandy is finding out as she interviews her new team members that may need to be approached differently. Programmers currently develop software code and upload it to a centralized server for backup purposes. The server software does not have versioning control capability, so sometimes the end software product contains outdated code elements. She has also discovered that many in-house business software packages follow the Common Object Request Broker Architecture, which does not necessarily allow for easy reuse of distributed web services available throughout the network. One of the team members has combined several open API functionalities within a business-oriented software package.

Which is the best software architecture that Sandy should introduce her team to for effective business application use?
A. Distributed component object architecture
B. Simple Object Access Protocol architecture
C. Enterprise JavaBeans architecture
D. Service-oriented architecture

D. A service-oriented architecture (SOA) provides standardized access to the most needed services to many different applications at one time. This approach allows for different business applications to access the current web services available within the environment.

26

Sandy has just started as the manager of software development at a new company. There are a few things that Sandy is finding out as she interviews her new team members that may need to be approached differently. Programmers currently develop software code and upload it to a centralized server for backup purposes. The server software does not have versioning control capability, so sometimes the end software product contains outdated code elements. She has also discovered that many in-house business software packages follow the Common Object Request Broker Architecture, which does not necessarily allow for easy reuse of distributed web services available throughout the network. One of the team members has combined several open API functionalities within a business-oriented software package.

Which best describes the approach Sandy’s team member took when creating the business-oriented software package mentioned within the scenario?
A. Software as a Service
B. Cloud computing
C. Web services
D. Mashup

D. A mashup is the combination of functionality, data, and presentation capabilities of two or more sources to provide some type of new service or functionality. Open APIs and data sources are commonly aggregated and combined to provide a more useful and powerful resource.

27

Karen wants her team to develop software that allows her company to take advantage of and use many of the web services currently available by other companies. Which of the following best describes the components that need to be in place and what their roles are?

A. Web service provides the application functionality. Universal Description, Discovery, and Integration describes the web service’s specifications. The Web Services Description Language provides the mechanisms for web services to be posted and discovered. The Simple Object Access Protocol allows for the exchange of messages between a requester and provider of
a web service.
B. Web service provides the application functionality. The Web Services Description Language describes the web service’s specifications.
Universal Description, Discovery, and Integration provides the mechanisms for web services to be posted and discovered. The Simple Object Access Protocol allows for the exchange of messages between a requester and provider of a web service.
C. Web service provides the application functionality. The Web Services Description Language describes the web service’s specifications. Simple Object Access Protocol provides the mechanisms for web services to be posted and discovered. Universal Description, Discovery, and Integration allows for the exchange of messages between a requester and provider of
a web service.
D. Web service provides the application functionality. The Simple Object Access Protocol describes the web service’s specifications. Universal Description, Discovery, and Integration provides the mechanisms for web services to be posted and discovered. The Web Services Description Language allows for the exchange of messages between a requester and provider of a web service.

B. Web service provides the application functionality. The Web Services Description Language describes the web service’s specifications. Universal Description, Discovery, and Integration provides the mechanisms for web services to be posted and discovered. The Simple Object Access Protocol allows for the exchange of messages between a requester and provider of a web service.

28

Brad is a new security administrator within a retail company. He is discovering several issues that his security team needs to address to better secure their organization overall. When reviewing different web server logs, he finds several HTTP server requests with the following characters “%20” and “../”. The web server software ensures that users input the correct information within the forms that are presented to them via their web browsers. Brad identifies that the organization has a two-tier network architecture in place, which allows the web servers to directly interact with the back-end database.

Which of the following best describes attacks that could be taking place against this organization?
A. Cross-site scripting and certification stealing
B. URL encoding and directory transversal attacks
C. Parameter validation manipulation and session management attacks
D. Replay and password brute force attacks

B. The characters “%20” are encoding values that attackers commonly use in URL encoding attacks. These encoding values can be used to bypass web server filtering rules and can result in the attacker being able to gain unauthorized access to components of the web server. The characters “../” can be used by attackers in similar web server requests, which instruct the web server software to traverse directories that should be inaccessible. This is commonly referred to as a path or directory traversal attack.

29

Brad is a new security administrator within a retail company. He is discovering several issues that his security team needs to address to better secure their organization overall. When reviewing different web server logs, he finds several HTTP server requests with the following characters “%20” and “../”. The web server software ensures that users input the correct information within the forms that are presented to them via their web browsers. Brad identifies that the organization has a two-tier network architecture in place, which allows the web servers to directly interact with the back-end database.

The web server software is currently carrying out which of the following functions and what is an associated security concern Brad should address?
A. Client-side validation The web server should carry out a secondary set of input validation rules on the presented data before processing them.
B. Server-side includes validation The web server should carry out a secondary set of input validation rules on the presented data before processing them.
C. Data Source Name logical naming access The web server should be carrying out a second set of reference integrity rules.
D. Data Source Name logical naming access The web server should carry out a secondary set of input validation rules on the presented data before processing them.

A. Client-side validation is being carried out. This procedure ensures that the data that are inserted into the form contain valid values before being sent to the web server for processing. The web server should not just rely upon client-side validation, but should also carry out a second set of procedures to ensure that the input values are not illegal and potentially malicious

30

Brad is a new security administrator within a retail company. He is discovering several issues that his security team needs to address to better secure their organization overall. When reviewing different web server logs, he finds several HTTP server requests with the following characters “%20” and “../”. The web server software ensures that users input the correct information within the forms that are presented to them via their web browsers. Brad identifies that the organization has a two-tier network architecture in place, which allows the web servers to directly interact with the back-end database.

Pertaining to the network architecture described in the previous scenario, which of the following attack types should Brad be concerned with?
A. Parameter validation attack
B. Injection attack
C. Cross-site scripting
D. Database connector attack

B. The current architecture allows for web server software to directly communicate with a back-end database. Brad should ensure that proper database access authentication is taking place so that SQL injection attacks cannot be carried out. In a SQL injection attack the attacker sends over input values that the database carries out as commands and can allow authentication to be successfully bypassed