CISSP 2024: SOFTWARE DEVELOPMENT
SECURITY QUESTIONS AND ANSWERS
WITH SOLUTIONS 2024
Which software products are intended to be easily installed and to interoperate tightly with existing
system components? - ANSWER COTS
Which of the following would be an aspect of mobile application management? - ANSWER Securing and
removing corporate data within mobile apps
Which of these would be considered poor coding practices? - ANSWER Unsecure usage of repositories
Not relying on stored procedures
Improper input validation
Leaving inoperative dead code
Which organization would offer "API1:2019 Broken Object Level Authorization" as an API top ten
vulnerability? - ANSWER OWASP
Which secure coding practice involves writing code that attackers and other people have a hard time
understanding? - ANSWER Obfuscation
Which is an application development methodology where two or more functionally duplicate versions of
the app are developed from the same specification? - ANSWER Software diversity
SECURITY QUESTIONS AND ANSWERS
WITH SOLUTIONS 2024
Which software products are intended to be easily installed and to interoperate tightly with existing
system components? - ANSWER COTS
Which of the following would be an aspect of mobile application management? - ANSWER Securing and
removing corporate data within mobile apps
Which of these would be considered poor coding practices? - ANSWER Unsecure usage of repositories
Not relying on stored procedures
Improper input validation
Leaving inoperative dead code
Which organization would offer "API1:2019 Broken Object Level Authorization" as an API top ten
vulnerability? - ANSWER OWASP
Which secure coding practice involves writing code that attackers and other people have a hard time
understanding? - ANSWER Obfuscation
Which is an application development methodology where two or more functionally duplicate versions of
the app are developed from the same specification? - ANSWER Software diversity
