n the course of selecting an effective programming language, languages that are ________ should not be used by software when security is a necessity.Question 17Answera.At risk of buffer overflowsb.Below the application levelc.Compromised by SQl injectiond.Above the physical level
Question
n the course of selecting an effective programming language, languages that are ________ should not be used by software when security is a necessity.Question 17Answera.At risk of buffer overflowsb.Below the application levelc.Compromised by SQl injectiond.Above the physical level
Solution
The correct answer is a. At risk of buffer overflows.
Buffer overflows are a common software vulnerability. They occur when a program or process tries to store more data in a buffer (temporary data storage area) than it was intended to hold. Since buffers are created to contain a finite amount of data, the extra information can overflow into adjacent buffers, corrupting or overwriting the valid data held in them. This can lead to erratic program behavior, including memory access errors, incorrect results, a crash, or a breach of system security. Therefore, languages that are at risk of buffer overflows should not be used when security is a necessity.
Similar Questions
Which one of the following is NOT a step of the risk-based testing process for secure software?Question 16Answera.Audit of software and documentationb.Software analysisc.Documentation of asset awarenessd.Identification of assets and objectivesClear my choiceQuestion 17Not yet answeredPoints out of 1.00Flag questionTipsQuestion textIn the course of selecting an effective programming language, languages that are ________ should not be used by software when security is a necessity.Question 17Answera.At risk of buffer overflowsb.Below the application levelc.Compromised by SQl injectiond.Above the physical levelClear my choiceQuestion 18Not yet answeredPoints out of 1.00Flag questionTipsQuestion textWhen designing security architecture for software development, creators should do which of the following?Question 18Answera.Rely primarily on obfuscation for security concerns.b.Do not worry about separating functions needing higher privilege from othersc.Decide how much security is enough.d.Do not be too concerned about reducing the damage from hacking activitiesClear my choiceQuestion 19Not yet answeredPoints out of 1.00Flag questionTipsQuestion textAn important goal to meet when designing efficient, secure software is to __________.Question 19Answera.Create the design understanding that the specifications will be expanded until the project is deployedb.Allow for additional functions to remain in the software so they may be used laterc.Determine the amount of time it will take to complete the designd.Create the design with an understanding that the initial security measures may fail due to new attacks or vulnerabilitiesClear my choiceQuestion 20Not yet answeredPoints out of 1.00Flag questionTipsQuestion textRegarding secure software development, ___________ states that the impact (or damage) that can occur after a vulnerability is exploited should be minimized.Question 20Answera.Damage confinementb.Impact vulnerability policyc.Impact survivabilityd.Damage consumption
Which of the following comes under the threat category ‘Software Attack’?Group of answer choicesBuffer OverrunSQL InjectionCross-Site ScriptingTrojan Horse
The programming language of the third generation learned by most students when most computers used MS DOS was ________. It continues as a secure programming language to use 3rd party code and offers a standard for coding that readily integrates with other programming languages.Multiple ChoiceLIONCEZBASIC
Among the given statements about database management applications, which is NOT TRUE?Select one:a.The SQL (Structured Querying Language) programming language is a popular language used for database programming.b.Database management applications offer security by restricting access to data based upon user names and passwords.c.In a database, several people can access the same data at the same time.d.None of these
___________________ vulnerabilities may be exploited for a man in the middle attack.Question 2Answera.Transferb.Communicationc.Datad.SharingClear my choiceQuestion 3Not yet answeredPoints out of 1.00Flag questionTipsQuestion text_______ is a desirable software trait simply because it is easier to find errors in software with this trait than it is to search through numerous classes to find errors in software that has many more unnecessary lines of code written.Question 3Answera.Traceabilityb.Predictabilityc.Dependabilityd.None of the aboveClear my choiceQuestion 4Not yet answeredPoints out of 1.00Flag questionTipsQuestion textAttackers often use _________ to force software into a stage whereby the attacker can change the value of variables in order to change the functionality of the software or gain access to the system.Question 4Answera.Countermeasureb.Vulnerabilityc.Errord.OverflowClear my choiceQuestion 5Not yet answeredPoints out of 1.00Flag questionTipsQuestion text__________ attack occurs when an attacker takes advantage of buffer data that is stored in the program's runtime stack where local variables and functions are stored in memory, making it easy for an attacker to figure out exactly which memory to overwrite.Question 5Answera.Dynamic deallocationb.Buffer deallocationc.Heap overflowd.Stack overflowClear my choice
Upgrade your grade with Knowee
Get personalized homework help. Review tough concepts in more detail, or go deeper into your topic by exploring other relevant questions.