Domain 4 - Software Development Security Flashcards
- Maintenance hooks are a security risk because:
a. They allow entry into the code without the usual checks
b. They are trap doors
c. They permit remote access to code
d. They are undocumented
Explanation: Answer a is the correct answer. It is the best answer provided. The most significant risk that maintenance hooks present is they permit circumvention of normal checks designed into the system. Answers c may also be correct, but it cannot be considered to be as significant as answer a. Answer b and d are incorrect because the difference between a maintenance hook and a trap door is that the maintenance hook is documented, and the trap door is not.
- All of the following are effective in combating malicious software with the exception of:
a. Using only commercial software obtained from reliable vendors.
b. Testing all new software on isolated computers.
c. Creation and retention of backup copies of executable files.
d. Monthly use of virus detection software.
Explanation: Answer d is the correct answer. In order to be effective, virus detection software must be used more frequently than once a month. Answers a, b, and c are effective controls for countering malicious code.
- A polymorphic virus is a type of malicious code that:
a. Can change its appearance.
b. Can make multiple copies of itself.
c. Imitates the behavior of another form of virus.
d. Resembles many other types of viruses.
Explanation: Answer a is the correct answer. A polymorphic virus is a form of malicious code that can change its appearance, making it more difficult to scan for. Answer b is incorrect because it describes the behavior of a worm. Answers c and d are distracters.
- A secret, undocumented entry point into a program module is referred to as a:
a. Control bypass.
b. Trap door.
c. Pseudo flaw.
d. Black hole.
Explanation: Answer b is the correct answer. Trap door is the term normally used to refer to a secret, undocumented access point into a module. Answer a describes what a Trap door is, but uses non-standard terminology. Answer c is incorrect since a pseudo flaw, though secret from a potential intruder is not undocumented. Answer d is a distracter.
- Separation of duties functions on the principal employees are less tempted to do wrong if:
a. They must cooperate with another employee to do so.
b. They must submit transactions in the proper sequence.
c. They must perform specific functions at specific times.
d. Management performs strict oversight of their work.
Explanation: Answer a is the correct answer. The aim of separation of duties is to force cooperation between individuals in order to violate security controls. Answers b, c, and d are incorrect since they address performance requirements, and do not relate to the division of job functions to prevent illicit behavior.
- One of the primary reasons why computer systems have bugs is:
a. Malicious code
b. Faulty system design
c. Programming errors
d. Program specifications
Explanation: Answer d is the correct answer. Computer systems have program errors, or bugs because the specifications are either incorrect, or they are implemented incorrectly. Answer a is incorrect since it relates to an intentional threat not caused by an error. Answer b is only partially correct since it does not include bugs caused by programming errors, while answer c is incorrect since it addresses only bugs caused by faulty implementation and does not take into account faulty program specifications.
- One of the primary reasons why computer systems have bugs is:
a. Malicious code
b. Faulty system design
c. Programming errors
d. Program specifications
Explanation: Answer d is the correct answer. Computer systems have program errors, or bugs because the specifications are either incorrect, or they are implemented incorrectly. Answer a is incorrect since it relates to an intentional threat not caused by an error. Answer b is only partially correct since it does not include bugs caused by programming errors, while answer c is incorrect since it addresses only bugs caused by faulty implementation and does not take into account faulty program specifications.
- A time bomb is a type of what form of malicious software:
a. Virus.
b. Trojan Horse.
c. Logic bomb.
d. Worm.
Explanation: Answer c is the correct answer. A logic bomb is a type of malicious code that is activated when a specific condition is met. A time bomb is a logic bomb that is triggered by a time or date. Answers a, b and d are incorrect since they are examples of malicious code that is activated upon the occurrence of a specific condition.
- Robert T. Morris designed the Internet Worm to do all of the following except
a. to determine where it could spread.
b. to spread its infection.
c. to exhaust Internet resources.
d. To remain undiscovered and undiscoverable
Explanation: Answer c is the correct answer. Morris’ original intent was to find out the extent to which the worm could spread, and to actually spread without being detected. However, because of a flaw in its logic, copies of the worm did not terminate as he intended, resulting in severe degradation of system performance, and exhaustion of network resources.
- A program that moves through an address space by making a copy of itself in a new location is known as a:
a. Virus
b. Worm
c. Trojan Horse
d. Logic Bomb
Explanation: Answer b is the correct answer. A worm is an independent program that moves through an address space by making a copy of itself in a new location. Answers a, c, and d are incorrect since viruses, Trojan Horses, and logic bombs are not independent programs, and spread by copying themselves onto another program.
- The files required to perform a batch update are:
a. Master file and transaction file
b. Batch file and record file
c. Update file and production file
d. Sequential file and master file
Explanation: Answer a is the correct answer. The process of updating a batch file uses information from the records in a transaction file to update information in some or all of the records in the master file. Answers b, c and d are distracters.
- A change control board is intended to evaluate all proposed changes on the basis of:
a. Cost-effectiveness and impact.
b. Desirability and correctness.
c. Privacy and security.
d. Timeliness and comprehensiveness.
Explanation: Answer b is the correct answer. The primary purpose of the change control board is to evaluate proposed changes on the basis of how desirable and correct they are. Although answers a, c, and d may be considered by the change control board as part of its evaluation for desirability and correctness, these three answers are too limited in scope to be correct.
- A shared resource matrix is a technique commonly used to locate:
a. Malicious code
b. Security flaws
c. Trap doors
d. Covert channels
Explanation: Answer d is the correct answer. Analyzing resources of a system is one standard for locating covert channels, because the basis of a covert channel is a shared resource. Answers a, b, and c are incorrect since a shared resource matrix will not normally lead to the identification of malicious code, security flaws, or trap doors.
- The process in which an independent security evaluation team checks on compliance with software development standards on an unannounced basis is known as:
a. Independent evaluation
b. Security audit
c. Validation
d. Certification
Explanation: Answer b is the correct answer. A security audit is the process used to ensure that standards are being effectively followed in the development of software. The security audit includes a review of designs, documentation and code to ensure standards have been followed. Answers a, c, and d are incorrect since they are processes used to provide assurance for a specific project, and are too narrow.
- The basic phases of a system life cycle are:
a. Design, programming, installation, operation, retirement.
b. Planning, development, testing, operation, disposal.
c. Initiation, development/acquisition, implementation, operation, disposal
d. Planning, programming, testing, installation, operation, retirement.
Explanation: Answer c is the correct answer. The system life cycle begins with project initiation followed by development or acquisition of the system, implementation of the system, system operation, and then system disposal. Answer a does not include the initiation phase and system design takes place during the development/acquisition phase. Answer b is incorrect since planning is merely a part of the initiation phase. Answer d is incorrect since planning is merely a part of the initiation phase, and testing and installation are each sub-elements of the implementation phase.