CISSP Official Practice Tests by Mike Chapple, David Seidl

Chapter 8 ■ Software Development Security (Domain 8) 185 Which one of the following is not a technique used by virus authors to ...

186 Chapter 8 ■ Software Development Security (Domain 8) What type of attack is demonstrated in the following C programming lan ...

Chapter 8 ■ Software Development Security (Domain 8) 187 C. SQL injection D. Cross-site request forgery Which one of the follow ...

188 Chapter 8 ■ Software Development Security (Domain 8) Roger is conducting a software test for a tax preparation application ...

Chapter 8 ■ Software Development Security (Domain 8) 189 C. Persistent XSS D. Nonpersistent XSS Which one of the following is n ...

190 Chapter 8 ■ Software Development Security (Domain 8) In the transaction shown here, what would happen if the database faile ...

Chapter 8 ■ Software Development Security (Domain 8) 191 David is working on developing a project schedule for a software devel ...

192 Chapter 8 ■ Software Development Security (Domain 8) What part of the security review process are the input parameters show ...

Chapter 8 ■ Software Development Security (Domain 8) 193 7 7. What software development model is shown in the figure? P1 P2 P3 P ...

194 Chapter 8 ■ Software Development Security (Domain 8) Ursula is a government web developer who recently created a public app ...

Chapter 8 ■ Software Development Security (Domain 8) 195 C. SQL injection D. Ransomware Charles is developing a mission-critica ...

196 Chapter 8 ■ Software Development Security (Domain 8) What technique do API developers most commonly use to limit access to ...

Chapter 8 ■ Software Development Security (Domain 8) 197 Cross-site request forgery SQL injection A. An attack that injects a m ...

198 Chapter 8 ■ Software Development Security (Domain 8) Which one of the following tools might an attacker use to best identif ...

Chapter 8 ■ Software Development Security (Domain 8) 199 What application development method uses the cycle shown here? Requir ...

...

Chapter 9 Practice Test 9 ...

202 Chapter 9 ■ Practice Test 1 NIST SP800-53 discusses a set of security controls as what type of security tool? A. A configur ...

Chapter 9 ■ Practice Test 1 203 What type of motion detector uses high microwave frequency signal transmissions to identify pot ...

204 Chapter 9 ■ Practice Test 1 Which one of the following is not a mode of operation for the Data Encryption Standard? A. CBC ...