CISSP Practice Quiz: Domain 8: Software Development Security Quiz 2

1. Dave’s organization is just beginning to adopt software development practices. As they move to the Repeatable phase of the SW-CMM, which one of the following process areas should be a primary focus?
2. When reviewing web server logs, Irene notices a log entry where user-provided input contains the string shown below. What type of attack may have occurred?

3. Simon is conducting a penetration test for a client. He does not have any information about the client’s network. What type of test is Simon conducting?
4. Which one of the following programming languages is most commonly used in interpreted form?
5. Andrea finds the user input shown below in a web server log. What type of attack was likely attempted here?

6. Which one of the following software development methodologies uses the sprint as the primary unit of work?
7. What term best describes malicious code that modifies itself subtly each time it infects a new system in an effort to avoid detection?
8. Which one of the following technologies is commonly used to access a web service programmatically from within other code?
9. Anthony is reviewing the logs for a web application and discovers thousands of requests containing query string segments similar to the one shown below. What type of vulnerability was being probed?

10. Which one of the following is an example of an aggregate function in SQL?