FiltersDone

Question type

Essay

Multiple Choice

Short Answer

True False

Matching

Exam 11: Software Security

Show Answer

Share

---

All types

Filters

Study FlashcardsPractice ExamLearn

Question 21

Essay

Review LaterAdd Note

Review Later

UNIX related systems provide the chroot system function to limit a program's view of the file system to just one carefully configured section that is known as a ________.

Correct Answer

verified

Show Answer

Question 22

Multiple Choice

Review LaterAdd Note

Review Later

Incorrect handling of program _______ is one of the most common failings in software security.

A) lines
B) input
C) output
D) disciplines

Correct Answer

verified

Show Answer

Question 23

True/False

Review LaterAdd Note

Software security is closely related to software quality and reliability.

A stead reduction in memory available on the heap to the point where it is completely exhausted is known as a ________.

_________ attacks are most commonly seen in scripted Web applications.

Key issues from a software security perspective are whether the implemented algorithm correctly solves the specified problem,whether the machine instructions executed correctly represent the high level algorithm specification,and whether the manipulation of data values in variables is valid and meaningful.

Defensive programming is sometimes referred to as _________.

To prevent XSS attacks any user supplied input should be examined and any dangerous code removed or escaped to block its execution.

_________ is a program flaw that occurs when program input data can accidentally or deliberately influence the flow of execution of the program.

The intent of ________ is to determine whether the program or function correctly handles all abnormal inputs or whether it crashes or otherwise fails to respond appropriately.

Program _______ refers to any source of data that originates outside the program and whose value is not explicitly known by the programmer when the code was written.

"Incorrect Calculation of Buffer Size" is in the __________ software error category.

Defensive programming requires a changed mindset to traditional programming practices.

Two key areas of concern for any input are the _______ of the input and the meaning and interpretation of the input.

A _________ attack occurs when the input is used in the construction of a command that is subsequently executed by the system with the privileges of the Web server.

Many computer security vulnerabilities result from poor programming practices.

The principle of ________ strongly suggests that programs should execute with the least amount of privileges needed to complete their function.

There is a problem anticipating and testing for all potential types of non-standard inputs that might be exploited by an attacker to subvert a program.

"Improper Access Control (Authorization) " is in the _________ software error category.

To counter XSS attacks a defensive programmer needs to explicitly identify any assumptions as to the form of input and to verify that any input data conform to those assumptions before any use of the data.