Domain 8 Exam.
A minimum of 70% is required to pass.
#1. Which of the following incorrectly describes a directory service?
〇：Conforms to the X.509 standard and assigns a namespace to each object accessed in the database by LDAP.
Most companies have directories that contain information about company network resources and users. Most directories use a hierarchical database format based on the X.500 standard (not X.509) and a type of protocol such as LDAP (Lightweight Directory Access Protocol) that allows subjects and applications to interact with the directory The application can then use LDAP to access the directory. Applications can request information about a particular user by making an LDAP request to the directory, and users can request information about a particular resource using a similar request. The directory service assigns an Distinguished Name (DN) to each object in the database based on the X.500 standard to be accessed. Each distinguished name represents a set of attributes about a particular object and is stored as an entry in the directory.
×：Namespaces are used to manage objects in the directory.
This is incorrect because objects in a hierarchical database are managed by a directory service. Directory services allow administrators to configure and manage identification, authentication, permissions, and access control for the network. Objects in the directory are labeled and identified by namespace, which is how the directory service keeps objects organized.
×：Enforce security policies by performing access control and identity management functions.
This is incorrect because directory services enforce the security policy set by performing access control and identity management functions. For example, when a user logs into a domain controller in a Windows environment, the directory service (Active Directory) determines which network resources are accessible and which are not.
×：Administrators can configure and manage how identification takes place within the network.
Directory service is incorrect because it allows the administrator to configure and manage identification within the network. It also allows for the configuration and management of authentication, authorization, and access control.
#2. Which option best describes the role of the Java Virtual Machine in the execution of Java applets?
〇：Converts bytecode to machine-level code.
Java is an object-oriented, platform-independent programming language. It is used as a full-fledged programming language to write programs called applets that run in the user’s browser. java is platform independent because it creates intermediate code that is not processor-specific bytecode. java virtual machine (JVM) converts bytecode into machine-level code that can be understood by processors on a particular system.
×：Converts source code to bytecode and blocks the sandbox.
Incorrect because the Java Virtual Machine converts bytecode to machine-level code. The Java compiler does not convert source code to bytecode. The JVM also creates a virtual machine in an environment called the sandbox. This virtual machine is the enclosed environment in which the applet executes its activities. The applet is typically sent via HTTP within the requested web page and is executed as soon as the applet arrives. If the applet developer fails to function properly, it may intentionally or accidentally perform a malicious act. Therefore, the sandbox strictly limits the applet’s access to system resources. The JVM mediates access to system resources to ensure that applet code runs and works within its own sandbox.
×：It runs only on specific processors within a specific operating system.
This is incorrect because Java is an object-oriented, platform-independent programming language. Other languages are compiled into object code for specific operating systems and processors. Thus, a particular application can run on Windows, but not on the Mac OS. Intel processors do not necessarily understand machine code compiled for Alpha processors. Java is platform independent because it creates intermediate code bytecode. It is not processor-specific code bytecode.
×：Develop an applet that runs in the user’s browser.
This is incorrect because the Java Virtual Machine does not create applets. Java is adopted as a full-fledged programming language and is used to write complete and short programs called applets that run in the user’s browser. Programmers create Java applets and run them through a compiler. The Java compiler converts the source code into byte code. The user then downloads the Java applet. The bytecode is converted to machine-level code by the JVM. Finally, the applet is executed when invoked.
#3. Which is the appropriate period of time to use maintenance hooks?
〇：Only during code development.
Maintenance hoc refers to functions and tools that are temporarily used by the developer for testing purposes. In fact, in system development, tools are provided to assist in confirming that individual functions are working properly. However, if maintenance hocks are left in the production environment, they may be used by attackers and must be removed.
×：Maintenance hooks should not be used.
The use of maintenance hooks can make the work more efficient.
×：When you want to make the software available to administrators in a simplified manner.
In some cases, attackers can exploit tools that were supposed to be available only to administrators.
×：When you want users to be able to use the software in a simplified manner.
After the actual release of the software, maintenance hooks are not made available to users.
#4. There are several attacks that programmers should be aware of. When an attacker attempts to execute arbitrary code, what type of attack is indicated?
A buffer is an area reserved by an application to store something in it, like some user input. After the application receives input, the instruction pointer is put into the buffer. A buffer overflow occurs when the application accidentally allows the input to overwrite the instruction pointer in the code and write it to the buffer area. Once the instruction pointer is overwritten, it can be executed under the application’s security context.
Traffic Analysis is incorrect because it is a method of revealing information by looking at traffic patterns on the network.
Incorrect because it does not indicate a race condition attack; if two different processes need to perform their tasks on a resource, they need to follow the correct order.
Incorrect because in a covert storage channel, processes are capable of communicating through some type of storage space on the system.
#5. Which level in the software functional maturity model provides a “repeatable process that yields constant results”?
Level 2 of the software functional maturity model is reproducible. It is a maturity level where some processes are reproducible and produce constant results. The process discipline is not rigorous, but it helps to maintain existing processes. Therefore, the correct answer is Level 2.
At Level 1, the process is usually undocumented and dynamic. It tends to be driven by users and events in an ad hoc, uncontrolled, reactive manner. As a result, the process is chaotic and unstable.
At Level 2, at maturity, some processes are repeatable and will produce consistent results. Process discipline will not be rigid, but where it exists it will help ensure that existing processes are maintained.
At Level 3, a documented set of standard processes has been established and has improved somewhat over time.
At Level 4, the process is being evaluated to ensure that it is achieving its goals. Process users experience the process under multiple and varied conditions to demonstrate competence.
Level 5 focuses on continuous improvement of process performance through incremental and innovative technical changes/improvements.
#6. What type of database property ensures that a tuple is uniquely identified by its primary key value?
Entity integrity ensures that a tuple is uniquely identified by its primary key value. A tuple is a row in a two-dimensional database. The primary key is the corresponding column value that makes each row unique. For entity integrity, every tuple must contain one primary key. If a tuple does not have a primary key, the tuple will not be referenced by the database.
Concurrent integrity is not a formal term in database software and is therefore incorrect. There are three main types of integrity services: semantic, reference, and entity. Concurrency is software that is accessed by multiple users or applications simultaneously. Without controls in place, two users can access and modify the same data at the same time.
Referential integrity is incorrect because it references all foreign keys that refer to an existing primary key. There must be a mechanism to ensure that foreign keys do not contain references to non-existent records or null-valued primary keys. This type of integrity control allows relationships between different tables to work properly and communicate properly with each other.
The semantic integrity mechanism is incorrect because it ensures that the structural and semantic rules of the database are in place. These rules concern data types, boolean values, uniqueness constraints, and operations that may adversely affect the structure of the database.
#7. Which of the following is the most effective method of identifying backup strategies?
〇：Test the restore procedure.
The ability to successfully restore from a backup must be tested periodically. Therefore, the correct answer is: “Test the restore procedure.” will be
×：Ensure that all user data is backed up.
Making copies of user data is important, but copies are useless unless it is ensured that the copies can be restored.
×：Back up the database management system (DBMS) to your own specifications.
While it is a good idea to use measures to meet the proprietary specifications of the DBMS to ensure that transactional copies are usable, those copies will not be trusted unless the restores are tested.
×：Ensure that the backup log files are complete.
Monitoring backup logs for completion is good operational practice, but it is wrong because it is no substitute for regular testing of the backups themselves and their ability to truly recover from data loss.
#8. Which of the following would not be considered an attack motivated by gaining money?
Distributed Denial of Service (DDoS) attacks usually do not provide financial gain to the attacker. Often, the motivation is revenge, disagreement with the organization’s policy decisions, or the attacker proving the extent of his or her animosity toward the organization. Certainly, it can be used to bloat the cost of a pay-as-you-go cloud service by causing it to consume more resources than expected by accessing it in large volumes, but it is a mistake in that it is not the financial objective of the parties involved.
#9. Fred is told that he needs to test components of a new content management application under development to validate data structures, logic, and boundary conditions. What tests should he perform?
Unit testing involves testing individual components in a controlled environment to verify data structures, logic, and boundary conditions. After the programmer develops a component, it is tested with several different input values and in a variety of situations. Unit testing can begin early in the development process and usually continues throughout the development phase. One of the benefits of unit testing is that it identifies problems early in the development cycle. It is easier and less expensive to make changes to individual units.
This is incorrect because acceptance testing is done to verify that the code meets the customer’s requirements. This test is applied to some or all of the application, but usually not individual components.
Regression testing is incorrect because it implies retesting a system after changes have been made to ensure its functionality, performance, and protection. Essentially, regression testing is done to identify bugs where functionality no longer works as intended as a result of a program change. It is not uncommon for developers to fix one problem, accidentally create a new problem, or fix a new problem and solve an old one. Regression testing involves checking for previously fixed bugs to ensure that they have not reappeared and re-running previous tests.
Integration testing is incorrect because it verifies that components work together as outlined in the design specification. After unit testing, individual components or units are tested in combination to verify that they meet functional, performance, and reliability requirements.
#10. Which option incorrectly describes SOAP and remote procedure calls?
〇：SOAP allows Remote Procedure Calls to be used to exchange information between applications over the Internet.
To allow applications to exchange information over the Internet, the Simple Object Access Protocol (SOAP) was created to be used instead of Remote Procedure Call (RPC). SOAP is an XML-based protocol that encodes messages in a Web service setting. It allows programs running on different operating systems to communicate using Web-based communication methods.
×：SOAP is designed to overcome compatibility and security issues associated with remote procedure calls.
Attempting to allow communication between objects of different applications over the Internet is incorrect because SOAP was created to overcome the compatibility and security issues introduced by RPC. SOAP is designed to work with multiple operating system platforms, browsers, and servers.
×：SOAP and remote procedure calls were created to enable application layer communication.
This is incorrect because both SOAP and RPC were created to enable application layer communication. SOAP is an XML-based protocol that encodes messages in a Web service setting. Therefore, if a Windows client needs to access a Windows server that provides a particular web service, programs on both systems can communicate using SOAP without running into interoperability problems.
×：HTTP is not designed to work with remote procedure calls, but SOAP is designed to work with HTTP.
HTTP is not designed to work with RPC, but SOAP is designed to work with HTTP. SOAP actually defines the structure of the XML schema or communication mechanism. The SOAP XML schema defines how objects communicate directly with each other. One of the advantages of SOAP is that program calls most likely get through firewalls, since HTTP communication is generally allowed. This ensures that the client/server model is not broken by getting denied by firewalls during the communication entity.
#11. Robert is asked to increase the overall efficiency of the sales database by implementing procedures to structure the data to minimize duplication and inconsistencies. What procedure is that?
Normalization is the process of efficiently organizing data by eliminating redundancy, reducing the potential for anomalies during data manipulation, and improving data consistency within a database. It is a systematic method of ensuring that database structures are correctly designed so that undesirable characteristics (insert, update, and delete anomalies) do not occur and data integrity is lost.
Polymorphism is incorrect because different objects are given the same input and react differently.
×：Database View Implementation
A database view is a logical access control, implemented so that one group or specific user can see certain information and another group is restricted from seeing it completely, which is incorrect. For example, a database view could be implemented so that middle management can see the profits and expenses of a department without seeing the profits of the entire enterprise. Database views do not minimize duplicate data. Rather, it manipulates how the data is displayed by a particular user/group.
Schemas in database systems are incorrect because they are structures described in a formal language. In a relational database, a schema defines tables, fields, relationships, views, indexes, procedures, queues, database links, directories, etc. A schema describes the database and its structure, but not the data that exists in the database itself.
#12. There are many types of viruses that hackers can use to damage your system. Which of the following is NOT a correct description of a polymorphic type virus?
〇：Intercept anti-malware calls to the operating system for file system information.
This is a “no” question. Polymorphic viruses attempt to fool anti-malware scanners. In particular, they use methods to generate operational copies. Even if the anti-malware software detects and disables one or two copies, the other copies remain active in the system.
This problem must be solved by process of elimination. What definitions are polymorphic viruses? If you remember the word list “what is a polymorphic virus,” you may not understand what makes a polymorphic virus unique. The most striking feature of polymorphic viruses is that they repeatedly change entities.
×：Using noise, mutation engines, or random number generators to change the sequence of instructions.
Polymorphic-type viruses may change the sequence of instructions by including noise or false instructions along with other useful instructions. They can also use mutation engines and random number generators to alter the sequence of instructions in the hope that they will not be detected. The original functionality remains intact, but the code is altered, making it nearly impossible to identify all versions of the virus using a fixed signature.
×：Different encryption schemes that require different decryption routines can be used.
Polymorphic-type viruses can use different encryption schemes that require different decryption routines. This requires an anti-malware scan to identify all copies of this type of virus, one for each possible decryption method. Polymorphic virus creators hide the encrypted virus payload and add decryption methods to the code. Once encrypted, the code becomes meaningless, but that does not necessarily mean that the encrypted virus is a polymorphic virus and thus escapes detection.
×：Create multiple and various copies.
Polymorphic viruses generate multiple, varied copies in order to avoid detection by anti-malware software.
#13. Drive mirroring is the ability to write data to two drives simultaneously for redundancy. What type of technology is used for this?
Information that is required to be available at all times must be mirrored or duplexed. In both mirroring (also called RAID 1) and duplexing, all data write operations are performed simultaneously or nearly simultaneously at multiple physical locations.
×：Direct Access Storage
Direct access storage is incorrect because it is a general term for magnetic disk storage devices traditionally used in mainframe and minicomputer (midrange computer) environments. RAID is a type of direct access storage device (DASD).
Incorrect because the technique of striping is used when data is written to all drives. This activity splits the data and writes it to multiple drives. Write performance is not affected, but read performance is greatly improved because multiple heads are getting data at the same time. Parity information is used to reconstruct lost or corrupted data. Striping simply means data; parity information may be written to multiple disks.
Parallel processing is incorrect because a computer has multiple processing units built into it to execute multiple streams of instructions simultaneously. While mirroring may be used to implement this type of processing, it is not a requirement.
#14. A new software development company was set up to develop mobile device applications for a variety of clients. The company employs talented software programmers, but has failed to implement a standardized development process that can be improved over time. Which of the following is the best approach this company would take to improve its software development process?
〇：Capability Maturity Model Integration
Capability Maturity Model Integration (CMMI) is a comprehensive set of integration guidelines for developing products and software. It addresses the various phases of the software development life cycle, including concept definition, requirements analysis, design, development, integration, installation, operation, maintenance, and what should happen at each stage. The model describes the procedures, principles, and practices underlying the maturation of the software development process. It was developed to help software vendors improve their development processes. It will improve software quality, shorten the development life cycle, create and meet milestones in a timely manner, and adopt a proactive approach rather than a reactive approach that is less effective.
×：Software Development Life Cycle
Incorrect because the Software Development Life Cycle (SDLC) describes how a system should be developed and maintained throughout its life cycle and does not involve process improvement.
Incorrect because ISO/IEC 27002 is an international standard that outlines how the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) create and maintain an organizational information security management system (ISMS). ISO/IEC 27002 has a section dealing with the acquisition, development, and maintenance of information systems, but does not provide a process improvement model for software development.
×：Certification and Accreditation Process
This is incorrect because the certification and accreditation (C&A) process handles testing and evaluation of systems against predefined criteria. This has nothing to do with improving the software development process.
#15. Lisa learned that most databases implement concurrency control. What is concurrency? And why do we need to control it?
〇：A process that is running concurrently. If not properly controlled, the integrity of the database can be adversely affected.
Databases are used simultaneously by many different applications and many users interact with them at once. Concurrency means that different processes (applications and users) are accessing the database at the same time. If this is not properly controlled, processes can overwrite each other’s data or cause deadlock situations. The worst consequence of concurrency problems is poor integrity of the data held in the database. Database integrity is provided by concurrency protection mechanisms; one concurrency control is locking, which prevents users from accessing or modifying data being used by other users.
×：Processes running at different levels. If not properly controlled, they can adversely affect the integrity of the database.
Concurrency is incorrect because it refers to processes running at the same time, not at different levels. Concurrency problems occur when the database can be accessed simultaneously by different users or applications. If controls are not in place, two users can access and modify the same data at the same time, which can be detrimental to a dynamic environment.
×：The process of inferring new information from a review of accessible data. Inference attacks may occur.
The ability to infer new information from reviewing accessible data occurs when subjects at lower security levels indirectly infer data at higher levels. This can lead to an inference attack, but is not related to concurrency.
×：Storing data in multiple locations in the database. If not properly controlled, it can negatively impact database integrity.
Storing data in multiple locations is incorrect because there is no concurrency issue. Concurrency becomes an issue when two subjects or applications are trying to modify the same data at the same time.
#16. Which of the following markup languages is used to allow sharing of application security policies and ensure that all applications follow the same security rules?
XACML allows two or more companies to have a trust model set up to share identity, authentication, and authorization methods. This means that when you authenticate against your own software, you can pass the authentication parameters to your partner. This allows them to interact with their partner’s software without having to authenticate more than once. This is done via XACML (Extensible Access Control Markup Language), which allows multiple organizations to share application security policies based on a trust model XACML is a markup language and processing model implemented in XML XACML is a markup language and processing model implemented in XML. It declares access control policies and describes how to interpret access control policies.
×：XML (Extensible Markup Language)
XML (Extensible Markup Language) is incorrect because it is a way to electronically code documents and represent data structures such as web services. XML is not used to share security information. XML is an open standard that is more robust than traditional HTML. In addition to serving as a markup language, XML also serves as the foundation for other industry-specific XML standards. With XML, companies can communicate with each other while using a markup language that meets their specific needs.
Service Provisioning Markup Language (SPML) is incorrect because it is used by companies to exchange user, resource, and service provisioning information rather than application security information. SPML is an XML-based framework developed by OASIS that allows enterprise platforms, such as web portals and application servers, to provision requests to multiple companies for the purpose of securely and quickly setting up web services and applications. It is intended to enable the generation of.
Incorrect because GML (Generalized Markup Language) is a method created by IBM for document formatting. It describes a document in terms of parts (chapters, paragraphs, lists, etc.) and their relationships (heading levels). GML was the predecessor of SGML (Standard Generalized Markup Language) and HTML (Hypertext Markup Language).
#17. Which project management methodology is based on each phase leading to the next phase and not returning to the previous phase?
Waterfall is very unidirectional and each phase leads directly to the next phase. In a pure waterfall model, there is no way to return to the previous phase.
Agile is the idea that system development should be done flexibly. It is a trial-and-error development method that emphasizes adaptive planning, evolutionary development, early delivery, and continuous improvement. Agile differs from the traditional approach of modeling a process, where principles and claims are shared by the entire team and an attempt is made to adapt to every situation.
The SASHIMI model is a model of the system development process that allows the end and beginning points of each phase to run concurrently. In many cases, a waterfall model is used, where the next phase is moved to the next phase with the submission and review of deliverables. This is also great, but in practice, there are times when the delivery is made but modified due to changing requirements.
The spiral model is a method of development that iterates from design to testing for each function. It is a method in which a series of processes consisting of planning, analysis, design, implementation, testing, and evaluation are repeated many times within a single project to gradually increase the degree of completion. In a software project, these phases are repeated.
#18. I am looking to mitigate injection attacks on my web server. What advice should I give?
Injection attacks are cracking attacks in which special strings are embedded in user forms and submitted to malfunction the receiving user’s information processing. Sufficiently strong input validation and data type restrictions on input fields, input length limits, and modifications are to do it. Only allow users to enter appropriate data into fields. Limit the number of characters a user can use, and possibly restrict by character type, allowing only letters in names, numbers in phone numbers, and displaying country and state drop-downs.
#19. In computer programming, coupling and condensing degrees are used. Which of the following is the preferred combination of coupling and condensing degree?
It is a good thing for a module to have low coupling and high condensibility. The higher the degree of condensation, the easier it is to update and modify, and it does not affect other modules with which it interacts. This also means that modules are easier to reuse and maintain. Coupling degree is a measure of the amount of interaction a single module requires to perform its task. If a module’s coupling is low, it means that the module does not need to communicate with many other modules to perform its job. It is easier to understand and reuse than a module that depends on many other modules to perform its tasks. It will also be easier to modify modules without affecting the many modules around them. Therefore, the correct answer is “low-coupling, high-cohesion”.
#20. (A) provides a readable description of a particular operation provided by a particular web service (B) provides a method for registration by the service provider and placement by the consumer of the service.
〇：(A) Web Service Description Language – (B) Universal Description, Discovery and Integration
Services in service-oriented architectures (SOA) are typically provided via Web services, which enable Web-based communication to occur seamlessly using Web-based standards such as Simple Object Access Protocol (SOAP), HTTP, Web Service Description Language (WSDL), Universal Description, Discovery, and Integration （WSDL provides a machine-readable description of the specific operations provided by a service; UDDI is an XML-based registry that lists available services UDDI provides a way for services to be registered by service providers and deployed by service consumers.
×：(A) generic description, discovery and integration – (B) web service description language
Incorrect because the terms are not in the correct order and do not map to the definitions provided within the question.
×：(A) Web Service Description Language – (B) Simple Object Access Protocol
SOAP (Simple Object Access Protocol) is incorrect because it is an XML-based protocol that encodes messages in a Web services environment. SOAP defines an XML schema for how communication is actually going to take place. SOAP XML schema defines how objects communicate directly.
×：(A) Simple Object Access Protocol (B) Universal Description, Discovery and Integration
SOAP (Simple Object Access Protocol) is incorrect because it is an XML-based protocol that encodes messages in a Web services environment. SOAP defines the XML schema of how communication is actually going to take place. SOAP XML Schema defines how objects communicate directly.