Test your basic knowledge

CISSP Secure Software Development

Subjects : it-skills, cissp
Instructions:
  • Answer 50 questions in 15 minutes.
  • Match each statement with the correct term.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see that it reinforces your understanding as you take the test each time.
1. Allows user to bypass failed security controls






2. Attributes identifying a record






3. This is a system of algorithms or rules that infer new facts about knowledge and incoming data.






4. A component in a distributed environment that's downloaded and executed by a web browser. Also known as mobile code because they're downloaded from a server and run on a client






5. A database whose components exist in multiple physical locations. This type of database can be hierarchical or network or relational or object or any other design.






6. ODBC; JDBC; XML; OLE; ADO






7. The part of access control that relates to how finely you can control who can see and manipulate data in which databases and tables and rows and fields.






8. Current Software Environment; open source; program






9. Write good code the first time; controls defects in software; quality achieved through design versus testing and remediation;






10. A program that claims to be something but turns out to be malicious






11. looking for unprotected modems






12. Computer Aided Software Engineering Tools using computers and computer utilities to support software engineering tasks and activities in the process of developing software-compilers; assemblers; linkers; translators; loaders; debuggers; program edito






13. spiral method; nested version of waterfall method; estimated costs and schedules are revised at the end of the assessment; decision to proceed/cancel project is revisited after each risk assessment






14. Allows for successive refinements of requirements; design and coding; requires change control mechanism; prototyping initial concept; design and implement initial prototype; refine prototype; complete and release






15. An application that consists of components on separate and networked systems.






16. Common Object Request Broker






17. The system is approved to be put into production






18. process quantitatively measured and controlled






19. A software component in a distributed system that performs a particular service or function (e.g. patch management or host-based intrusion detection systems (HIDS) and performance and capacity monitoring).






20. Signature based detection; heuristic based detection; hoaxes; logic bomb; trojan horse; worm; agents/bots; spyware






21. Open Database Connectivity






22. A database whose components exist in multiple physical locations. It is so named because of its location not its design. This type of database can be hierarchical or network or relational or object or any other design.






23. A database of databases






24. identifies open ports on a host






25. Online Transaction Processing - records all business transactions as they occur; acts as monitor; detects process aborts; restarts aborted processes; backs out failed transaction; allows distribution of multiple copies of application servers; performs dyna






26. A malicious program that spreads by attacking known weaknesses on computer systems.






27. Level 0 Security Kernel; reference monitor; level 1 and 2; device drivers; level 3 user mode






28. Records structured in hierarchy






29. Not trained or bound by sys dev practices; no proper app design no change control no support; apps lack security






30. Two dimensional tables






31. A part of the overall object-oriented application design - the objects in an object database include data records as well as their methods (application code).






32. A software development methodology that focuses on defect prevention rather than defect removal. The goal is to write the code correctly the first time!






33. A component in a distributed environment that's downloaded and executed by a web browser. Also known as mobile code because they're downloaded from a server and run on a client






34. Distributed Component Object Model-allows apps to access objects on different parts of the network






35. focused on continuous process improvement






36. source/destination IP and Port set to same






37. identifies hosts that are alive






38. A process used to avoid collisions in which two or more programs may be trying to update the same table or row at the same time.






39. Object Linking and Embedding; access to data no matter the location or format






40. The tree structure of a collection of objects and classes






41. Unique identifier






42. Allows one change at a time






43. Structured Query Language






44. A particular object that's a member of a class






45. Oligomorphic-code similar to polymorphic; but has decryptor that does not show up on signature list; metamorphic; reprograms itself; carries various versions for itself; translates itself into temporary representations and then back to normal code; z






46. packets in excess of 65535 bytes sent to targeted machine






47. An attack that is a special form of social engineering in which an attacker posing as a system or security administrator or vendor tells unsuspecting users that a security flaw has been discovered on their system and that they should install a certai






48. mimic the biological function of the brain






49. Attacks employing specially crafted user input-unicode format for a browser URL that bypasses firewall rule sets; structured query language queries in the browser URL box






50. Ideal for web development; allows for basic functionality to be deployed in a quick time frame; maintenance phase begins after deployment; application evolves as the environment changes