182 Chapter 8 ■ Software Development Security (Domain 8)
- What type of database security issue exists when a collection of facts has a higher classifi-
cation than the classification of any of those facts standing alone?
A. Inference
B. SQL injection
C. Multilevel security
D. Aggregation - What are the two types of covert channels that are commonly exploited by attackers seek-
ing to surreptitiously exfiltrate information?
A. Timing and storage
B. Timing and firewall
C. Storage and memory
D. Firewall and storage - Vivian would like to hire a software tester to come in and evaluate a new web application
from a user’s perspective. Which of the following tests best simulates that perspective?
A. Black box
B. Gray box
C. Blue box
D. White box - Referring to the database transaction shown here, what would happen if no account exists
in the Accounts table with account number 1001?
A. The database would create a new account with this account number and give it
a $250 balance.
B. The database would ignore that command and still reduce the balance of the second
account by $250.
C. The database would roll back the transaction, ignoring the results of both commands.
D. The database would generate an error message.