Deck 9: Coding in the Cube: Developing Good Habit
1
Application errors expose a lot of information about the code and its environment.
True
2
There is only one type of error in application development: compile-time errors.
False
3
An exception handler can only be created to log error messages for developers.
False
4
PHP is the most popular server-side language in Web development and continues to evolve as the market leader in application security.
5
What you choose to tell the user in error messages is up to you, but it should specifically benefit them.
6
You do not have to cancel a user's ID or password if they exceed a specified threshold of login times.
7
Logging user traffic, events and data flow is one of the best analysis techniques you can do for an application.
8
When logging tailored messages for an application, use a file separate from the server logs and secure the privileges on that file.
9
Input cleansing is an optional task for securing the application.
10
Code refactoring occurs when existing bodies of logic are broken up and moved into many smaller bodies of code.
11
Data authorization is a two-way street: first, the user's ID must be validated and second the user's request needs to be authorized.
12
PHP is a server-side language that runs on application servers.
13
Spaghetti code is rather inexpensive to maintain.
14
Not every request that comes into the application should be treated as a potential attack.
15
Some popular programming languages that deal with security include the following: Java, PHP, C/C++
16
Open source code is greatly discouraged within the software community.
17
Data encapsulation hides all internal code, variables, and logic from the outside world, therefore restricting access to any outside callers.
18
Exception handling is the cornerstone for all secure code.
19
The most notable security flaw with the C/C++ language is the buffer overflow attack.
20
Use singleton objects when a common object or task will be used across multiple use cases for the same reason.
21
Where should the variables that a program uses be defined?
A) At the end of a program
B) In the middle of a program
C) At the top of the program
D) When the code needs it
22
A method's signature is an example of limited code.
23
Parameter-driven software is software that looks up values stored in a database and determines what to display, allow, or execute based on those values.
24
After the debug methods are built into the program, they can be called anywhere at any time within the program you need to test.
25
How can an application alert stakeholders of invasion?
A) cancel the user's password
B) send out SMS messages
C) log the activity in a log file
D) catch all errors
26
Which programming language is vulnerable to a buffer overflow attack?
A) JAVA
B) C++
C) PHP
D) Perl
27
What is it called when developers write a piece of software for a specific purpose?
A) software diversity
B) code unit
C) parameter-driven code
D) limited code
28
What is it called when existing bodies of logic are broken up and moved into many smaller bodies of code?
A) reusable code
B) refactor code
C) code review
D) code debugging
29
It is best to wait to add debugging techniques to the code when the code is broken.
30
Which item is NOT a characteristic of self-monitoring code?
A) Canceling user passwords
B) Requiring physical requests for data
C) Code refactoring
D) Alerting stakeholders of invasion
31
When reusable code gets buried into other code, the logic can and should be reused by other use cases.
32
How should a developer code for DEBUGS?
A) Add the DEBUG statements in when needed
B) Build the debug logic into the code while developing
C) Use a debug editor
D) Use a peer review process
33
What type of software looks up values stored in a database and determines what to display, allow, or execute based on those values?
A) limited code
B) software diversity
C) parameter-driven
D) debugging
34
If logic bombs or Trojan horses were to be snuck in, what type of file would be the easiest target?
A) JAR files
B) Java files
C) SQL scripts
D) ANT scripts
35
What design pattern forces the server to create only one object in its heap, thus making the server run very efficiently while using minimum RAM?
A) MVC
B) Template
C) Singleton
D) Abstract
36
What is the best way to turn off DEBUG statements in the code?
A) automate a script
B) look at the code and manually turn them off
C) leave them on since the information only goes to a log file
D) Use the IDE to turn them off
37
What is it called when software is developed on the premise that specifications, data, and environments will change?
A) software diversity
B) limited code
C) parameter-driven code
D) debugging code
38
If requesting the application to provide sensitive information over the public network can sometimes be too risky, what should be done?
A) Take the chance and send the data
B) Log all activity
C) Send it but encrypt the data
D) Requiring Physical Requests for Data
39
Which option is NOT a characteristic of organized code?
A) Import only the classes that are needed to run the program
B) Avoid spaghetti code
C) Declare variables the program uses at the top
D) Use an IDE
40
What should the application do if the user has failed to log in after 5 attempts?
A) allow the user to keep trying
B) cancel the user and force them to request a new id
C) cancel the user for 24 hours
D) cancel the user's password
41
What type of errors are found in syntax?
A) Run time errors
B) Compile time errors
C) SQL errors
D) User errors
42
What type of list defines only accepted input values?
A) Good list
B) Black list
C) White list
D) Validation list
43
Which is NOT a characteristic of validating the input request?
A) Cleansing the request
B) Authorizing the sender
C) Code for software diversity
D) Encapsulating the data
44
Which statement best suits the generalization of error messages?
A) More is best
B) Error messages the users see, however, should not be the error messages the developers see
C) Everyone needs to see the error messages
D) Error messages help the developers fix problems.
45
What is the grouping and storing of data inside a single object?
A) Encapsulation
B) Encryption
C) Code hiding
D) Code diversity
46
What is the best way to handle program errors?
A) Place the code between try{} catch {} blocks and handle each error as they occur.
B) Handle each error by adding DEBUG statements
C) Log all Errors in the log file
D) The program should shut down securely on each error
47
Which of the following steps are NOT needed for exception handling?
A) Code your own routine
B) Create application-specific exceptions
C) Add debug statements
D) Manage the views
48
Where do most attacks to software come from?
A) Back door
B) Input fields
C) Servers
D) Database
49
What type of list defines bad input values?
A) Bad list
B) Black list
C) White list
D) No Valid list
50
What type of errors occur when a data flow does not flow as expected?
A) Compile time
B) User errors
C) Run time
D) SQL errors