D385 FINAL EXAM QUESTIONS WITH COMPLETE SOLUTIONS | 100 % CORRECT| 2024
D385 FINAL EXAM QUESTIONS WITH COMPLETE SOLUTIONS | 100 % CORRECT| 2024 What is Defensive Programming? - Answer ️️ -- assume mistakes will happen and guard against them - assertions are the most common way of doing this - code checks itself as it runs - always check, validate, and sanitize data Which attribute provides a dictionary of breakpoint instances? - Answer ️️ -- bplist - maintains a (file, line) tuple of breakpoints Which function can be used to return all set breakpoints? - Answer ️️ -- get_all_breaks( ) - returns a string with all set breakpoints Which 3 data types are considered user-provided? - Answer ️️ -- cookies - POST data payloads - URL parameters What are limitations of Static Code Analysis - Answer ️️ -- does not account for runtime vulnerabilities - requires the tester to posses both testing and software development skills - tools would have to be language specific Advantage of Static Code Analysis? - Answer ️️ -- fast turnaround time - especially when tools are used Advantage of Dynamic Code Analysis? - Answer ️️ -- no need to understand how to write software - finds runtime vulnerabilities - requires only a running system; conducted on any application Limitations of Dynamic Code Analysis? - Answer ️️ -- false positives and false negatives - dependent on the correctness of the rules - false sense of security - difficult to trace back to exact location What kind of attacks does Client-side Testing loo
Written for
- Institution
-
Western Governers University
- Course
-
D385
Document information
- Uploaded on
- December 27, 2023
- Number of pages
- 6
- Written in
- 2023/2024
- Type
- Exam (elaborations)
- Contains
- Questions & answers
Subjects
-
d385 final exam questions with complete solutions
