Domain 8

Question 1

Uses programs to assist in the creation and maintenance of other computer programs

Answer 1

CASE (computer aided software engineering)

Question 2

What are the 3 types of CASE software?

Answer 2

tools: support only specific task in the sw production process

workbenches: support one or a few sw process activities by integrating several tools in a single application

environments: support all or at least part of the sw production process with a collection of tools and workbenches

Question 3

free of charge to use sw

Answer 3

freeware

Question 4

fully functional proprietary software that may be initially free of charge

Answer 4

shareware

Question 5

partially functioning proprietary software with key features disabled

Answer 5

crippleware

Question 6

linear application development model that uses rigid phases; when one phase ends, the next begins.

Answer 6

waterfall

Question 7

has highly overlapping steps. named after sashimi for its overlapping layers of fish. The steps are similar to waterfall except it’s steps overlap

Answer 7

sashimi

Question 8

an agile development method that uses pairs of programmers who work off a detailed specification

Answer 8

XP (extreme programming)

Question 9

a software development model designed to control risk

Answer 9

spiral

Question 10

Rapidly develops sw via the use of prototypes, ‘dummy’ GUIs, back -end databases and more

Answer 10

RAD (rapid application development)

Question 11

A customer focused group that focuses on the entire lifecycle of a project

Answer 11

IPT (integrated product team)

Question 12

Having a third party store an archive of computer software

Answer 12

software escrow

Question 13

Tracks changes to a specific piece of software

Answer 13

configuration management

Question 14

tracks changes across an entire software development program

Answer 14

change management

Question 15

every foreign key in a secondary table matches a primary key in the parent table

Answer 15

referential integrity

Question 16

each attribute value is consistent with the attribute data type

Answer 16

semantic integrity

Question 17

each tuple has a unique primary key that is not null

Answer 17

entity integrity

Question 18

language used to create, modify, and delete tables in a database

Answer 18

DDL (data definition language)

Question 19

used to query and update data stored in tables of a database

Answer 19

DML (data manipulation language)

Question 20

XXS excutes a script in a ___ context

Answer 20

trusted

Question 21

privately sharing vulnerability information with a vendor and withholding public release until a patch is available

Answer 21

responsible disclosure

Question 22

releasing vulnerability details publicly

Answer 22

full disclosure

Question 23

A maturity framework for evaluating and improving the software development process

Answer 23

CMM ( Capability maturity model)

Question 24

facilitator of a scrum team

Answer 24

scrum master

Question 25

Gradually releasing new features to a subset of users as an early warning system to see if anything breaks before releasing to a wider audience

Answer 25

Canary

Question 26

CMM ratings and describe them

Answer 26

Initial: processes unpredictable poorly controlled and reactive Repeatable: Processes characterized for projects, and often reactive Defined: Processes characterized for projects and is proactive Managed: Processes measured and controlled Optimized: Focus on process improvement

Question 27

Most commonly used API and is lightweight and fast

Answer 27

REST

Question 28

More complex and heavyweight API but provides more capabilities

Answer 28

SOAP

Question 29

creating code that is difficult to understand

Answer 29

code obfuscation

Question 30

modifies the look of the code

Answer 30

lexical

Question 31

modifies flow of control of code

Answer 31

control flow

Question 32

Persistent XSS attack

Answer 32

stored XSS attack

Question 33

More common XSS attack

Answer 33

reflective

Question 34

How do you prevent XSS attacks?

Answer 34

input validation

Question 35

Guarantees database transactions are processed reliably

Answer 35

ACID A: atomicity - all changes take effect or none of them do C: consistency - updates to the database are consistent with the rules, the rules are enforced I: isolation - transactions are invisible to others until they are complete D: durability: - completed transactions will not be lost

Question 36

Guarantees database transactions are processed reliably

Answer 36

ACID A: atomicity - all changes take effect or none of them do C: consistency - updates to the database are consistent with the rules, the rules are enforced I: isolation - transactions are invisible to others until they are complete D: durability: - completed transactions wil not be lost