CISSP Official Practice Tests by Mike Chapple, David Seidl


Chapter 8 ■ Software Development Security (Domain 8)


77. What software development model is shown in the figure?


[Figure: diagram with iterations labeled P1, P2, P3 and four quadrants labeled "Determine objectives, alternatives, and constraints."; "Evaluate alternatives. Identify and resolve risks."; "Develop and verify next-level product."; "Plan next phases."]

Image reprinted from CISSP (ISC)² Certified Information Systems Security Professional Official Study
Guide, 7th Edition © John Wiley & Sons 2015, reprinted with permission.

A. Waterfall
B. Agile
C. Lean
D. Spiral


  1. Which of the following database keys is used by an RDBMS to uniquely identify each row
    in a database table?
    A. Foreign key
    B. Primary key
    C. Candidate key
    D. Referential key

  2. Which one of the following change management processes is initiated by users rather than
    developers?
    A. Request control
    B. Change control
    C. Release control
    D. Design review

  3. Which one of the following techniques is an effective countermeasure against some inference
    attacks?
    A. Input validation
    B. Parameterization
    C. Polyinstantiation
    D. Server-side validation
