31.
Software developers writes software programs PRIMARILY to
- A.create new products
- B.capture market share
- C.solve business problems
- D.mitigate hacker threats
- Answer & Explanation
- Report
Answer : [C]
Explanation :
Explanation :
| IT and software development teams function to provide solutions to the business. Manual and inefficient business processes can be automated and made efficient using software programs. |
32.
The process of combining necessary functions, variables and
dependency files and libraries required for the machine to run the
program is referred to as
- A.compilation
- B.interpretation
- C.linking
- D.instantiation
- Answer & Explanation
- Report
Answer : [C]
Explanation :
Explanation :
| Linking is the process of combining the necessary functions, variables and dependencies files and libraries required for the machine to run the program.The output that results from the linking process is the executable program or machine code/file that the machine can understand and process. In short, linked object code is the executable. Link editors that combine object codes are known as linkers. Upon the completion of the compilation process, the compiler invokes the linker to perform its function. There are two types of linking: static linking and dynamic linking. |
33.
Which of the following is an important consideration to manage
memory and mitigate overflow attacks when choosing a programming
language?
- A.Locality of reference
- B.Type safety
- C.Cyclomatic complexity
- D.Parametric polymorphism
- Answer & Explanation
- Report
Answer : [B]
Explanation :
Explanation :
|
Code is said to be type safe if it only accesses memory resources that do not
belong to the memory assigned to it. Type safety verification takes place
during the Just In Time (JIT) compilation phase and prevents unsafe code
from becoming active. Although you can disable type safety verification, it
can lead to unpredictable results. The best example is that code can make unrestricted calls to unmanaged code, and if that code has malicious intent, the results can be severe. Therefore, the framework only allows fully trusted assemblies to bypass verification. Type safety is a form of “sandboxing”. Type safety must be one of the most important considerations in regards to security when selecting a programming language. |
34.
Assembly and machine language are examples of
- A.natural language
- B.very high-level language (VHLL)
- C.high-level language (HLL)
- D.low-level language
- Answer & Explanation
- Report
Answer : [D]
Explanation :
Explanation :
| A programming language in which there is little to no abstraction from the native instruction codes that the computer can understand is also referred to as low-level language. There is no abstraction from native instruction codes in machine language. Assembly languages are the lowest level in the software chain, which makes it incredibly suitable for reversing. It is therefore important to have an understanding of low-level programming languages to understand how an attacker will attempt to circumvent the security of the application at its lowest level. |
35.
Using multifactor authentication is effective in mitigating which of the
following application security risks?
- A.Injection flaws
- B.Cross-Site Scripting (XSS)
- C.Buffer overflow
- D.Man-in-the-Middle (MITM)
- Answer & Explanation
- Report
Answer : [D]
Explanation :
Explanation :
| As a defense against a Man-in-the-Middle (MITM) attacks, authentication and session management needs to be in place. Multifactor authentication provides greater defense than single factor authentication and is recommended. Session identifiers that are generated should be unpredictable, random and non-guessable. |
|
|
||||||||||||||||||||||||||||
