CISSP Certification Exam (Software Development Security) Practice Test 1
Data marts, databases, and data warehouses have distinct characteristics. Which of the following does not correctly describe a data warehouse?
• It could increase the risk of privacy violations.
• It is developed to carry out analysis.
• It contains data from several different sources.
• It is created and used for project-based tactical reasons.
Database software should meet the requirements of what is known as the ACID test. Why should database software carry out atomic transactions, which is one requirement of the ACID test, when OLTP is used?
• So that the rules for database integrity can be established
• So that the database performs transactions as a single unit without interruption
• To ensure that rollbacks cannot take place
• To prevent concurrent processes from interacting with each other
Lisa has learned that most databases implement concurrency controls. What is concurrency, and why must it be controlled?
• Processes running at different levels, which can negatively affect the integrity of the database if not properly controlled.
• The ability to deduce new information from reviewing accessible data, which can allow an inference attack to take place.
• Processes running simultaneously, which can negatively affect the integrity of the database if not properly controlled.
• Storing data in more than one place within a database, which can negatively affect the integrity of the database if not properly controlled.
Robert has been asked to increase the overall efficiency of the sales database by implementing a procedure that structures data to minimize duplication and inconsistencies. What procedure is this?
• Polymorphism
• Normalization
• Implementation of database views
• Constructing schema
Which of the following best describes an object-oriented database?
• When an application queries for data, it receives both the data and the procedure.
• It is structured similarly to a mesh network for redundancy and fast data retrieval.
• Subject must have knowledge of the well-defined access path in order to access data.
• The relationships between data entities provide the framework for organizing data.
Fred has been told he needs to test a component of the new content management application under development to validate its data structure, logic, and boundary conditions. What type of testing should he carry out?
• Acceptance testing
• Regression testing
• Integration testing
• Unit testing
Which of the following is the best description of a component-based system development method?
• Components periodically revisit previous stages to update and verify design requirements
• Minimizes the use of arbitrary transfer control statements between components
• Uses independent and standardized modules that are assembled into serviceable programs
• Implemented in module-based scenarios requiring rapid adaptations to changing client requirements
There are many types of viruses that hackers can use to damage systems. Which of the following is not a correct description of a polymorphic virus?
• Intercepts antivirus’s call to the operating system for file and system information
• Varies the sequence of its instructions using noise, a mutation engine, or random-number generator
• Can use different encryption schemes requiring different decryption routines
• Produces multiple, varied copies of itself
Which of the following best describes the role of the Java Virtual Machine in the execution of Java applets?
• Converts the source code into bytecode and blocks the sandbox
• Converts the bytecode into machine-level code
• Operates only on specific processors within specific operating systems
• Develops the applets, which run in a user’s browser
What type of database software integrity service guarantees that tuples are uniquely identified by primary key values?
• Concurrent integrity
• Referential integrity
• Entity integrity
• Semantic integrity
In computer programming, cohesion and coupling are used to describe modules of code. Which of the following is a favorable combination of cohesion and coupling?
• Low cohesion, low coupling
• High cohesion, high coupling
• Low cohesion, high coupling
• High cohesion, low coupling
When an organization is unsure of the final nature of the product, what type of system development method is most appropriate for them?
• Cleanroom
• Exploratory Model
• Modified Prototype Method
• Iterative Development
Which of the following statements does not correctly describe SOAP and Remote Procedure Calls?
• SOAP was designed to overcome the compatibility and security issues associated with Remote Procedure Calls.
• Both SOAP and Remote Procedure Calls were created to enable application-layer communication.
• SOAP enables the use of Remote Procedure Calls for information exchange between applications over the Internet.
• HTTP was not designed to work with Remote Procedure Calls, but SOAP was designed to work with HTTP.
Computer programs that are based on human logic by using “if/then” statements and inference engines are called ______.
• Expert systems
• Artificial neural networks
• Distributed Computing Environment
• Enterprise JavaBeans
Which of the following is a correct description of the pros and cons associated with third-generation programming languages?
• The use of heuristics reduced programming effort, but the amount of manual coding for a specific task is usually more than the preceding generation.
• The use of syntax similar to human language reduced development time, but the language is resource intensive.
• The use of binary was extremely time consuming but resulted in fewer errors.
• The use of symbols reduced programming time, but the language required knowledge of machine architecture.
Which of the following is considered the second generation of programming languages?
• Machine
• Very high-level
• High-level
• Assembly
Mary is creating malicious code that will steal a user’s cookies by modifying the original client-side JavaScript. What type of cross-site scripting vulnerability is she exploiting?
• Second order
• DOM-based
• Persistent
• Nonpersistent
Of the following steps that describe the development of a botnet, which best describes the step that comes first?
• Infected server sends attack commands to the botnet.
• Spammer pays a hacker for use of a botnet.
• Controller server instructs infected systems to send spam to mail servers.
• Malicious code is sent out that has bot software as its payload.
Which of the following antivirus detection methods is the most recent to the industry and monitors suspicious code as it executes within the operating system?
• Behavior blocking
• Fingerprint detection
• Signature-based detection
• Heuristic detection
Which of the following describes object-oriented programming deferred commitment?
• Autonomous objects, which cooperate through exchanges of messages
• The internal components of an object can be refined without changing other parts of the system
• Object-oriented analysis, design, and modeling maps to business needs and solutions
• Other programs using the same objects
