CISSP Official Practice Tests by Mike Chapple, David Seidl


Chapter 8 ■ Software Development Security (Domain 8)



  1. Which one of the following is not a technique used by virus authors to hide the existence
    of their virus from antimalware software?
    A. Stealth
    B. Multipartitism
    C. Polymorphism
    D. Encryption

  2. Which one of the following types of software testing usually occurs last and is executed
    against test scenarios?
    A. Unit testing
    B. Integration testing
    C. User acceptance testing
    D. System testing

  3. What type of requirement specifies what software must do by describing the inputs,
    behavior, and outputs of software?
    A. Derived requirements
    B. Structural requirements
    C. Behavioral requirements
    D. Functional requirements

  4. Which of the following organizations is widely considered as the definitive source for
    information on web-based attack vectors?
    A. (ISC)²
    B. ISACA
    C. OWASP
    D. Mozilla Foundation

  5. If Chris is writing code for an application, what phase of the Agile process is he in?
    A. Planning
    B. Sprints
    C. Deployment
    D. Development


  1. Lisa is attempting to prevent her network from being targeted by IP spoofing attacks as
    well as preventing her network from being the source of those attacks. Which one of the
    following rules is NOT a best practice that Lisa can configure at her network border?
    A. Block packets with internal source addresses from entering the network.
    B. Block packets with external source addresses from leaving the network.
    C. Block packets with private IP addresses from exiting the network.
    D. Block packets with public IP addresses from entering the network.
