CYBR 201 CHAPTER 19 - Secure Software Development Exam Questions With 100% Verified Answers
The _______________ is a linear software engineering model with
no repeating steps. -
correct answer ✅Waterfall Model
A(n) _______________ causes an application to malfunction
because of a misrepresented name for a resource. -
correct answer ✅Canonicalization errors
CWE-20: Improper Input Validation refers to a(n)
_______________. -
correct answer ✅CWE/SANS Top 25 Most Dangerous Software
Errors
Using a series of malformed inputs to test for conditions such as
buffer overflows is called _______________. -
correct answer ✅Fuzzing
Modifying a SQL statement through false input to a function is an
example of _______________. -
correct answer ✅Code Injection
Using an administrator-level account for all functions is a violation
of the principle of _______________. -
correct answer ✅Least Privilege
The _______________ is the first opportunity to address security
functionality during a project. -
correct answer ✅Requirement Phase
The banning of _______________ helps improve code quality by
using safer library calls. -
correct answer ✅Deprecated Functions
A(n) _______________ is a vulnerability that has been discovered
by hackers but not by the developers of the software. -
correct answer ✅Zero-day
A number that is suitable for an encryption function is called
_______________. -
correct answer ✅Cryptographically random