Computer Security: Principles and
Practice (Ch. 11, Software Security)
Exam Questions With 100% Verified
Answers
Software can broadly be divided into two categories: ________ and
________. -
correct answer ✅Operating systems, application software
Atomic operation -
correct answer ✅A function or action implemented as a sequence
of one or more instructions that appears to be indivisible; that is,
no other process can see an intermediate state or interrupt the
operation. The sequence of instructions is guaranteed to execute as
a group, or not execute at all, having no visible effect on system
state. Atomicity guarantees isolation from concurrent processes.
Canonicalization -
correct answer ✅Replacing alternate, equivalent encodings by one
common value
Code injection -
correct answer ✅A method used by hackers to insert malicious
code into otherwise legitimate files or data transmissions.
Command injection -
correct answer ✅Input used in the construction of a command
that is subsequently executed by the system with the privileges of
the web server.
Cross-Site Scripting (XSS) -
correct answer ✅A technique used to compromise database data
in which web page scripting is injected into the server.
XSS reflection -
correct answer ✅The most common variant; here the attacker
includes malicious script content in data supplied to a site. If this
content is subsequently displayed to other users without sufficient
checking, they will execute the script assuming it is trusted to
access any data associated with that site. An example would be
a guestbook program.
Defensive/secure programming -
correct answer ✅The process of designing and implementing
software so it continues to function even when under attack.