CSA+ chapter 12
13. During which phase would user stories be captured during an Agile sprint in the following graphic?
A. 1
14. Using the Agile sprint process, what step will occur at step 2 in the previous graphic?
A. Development
5. How many phases does the Spiral model cycle through?
B. Four
7. Susan's team has been writing code for a major project for a year and recently released their third version of the code. During a post-implementation regression test, an issue that was originally seen in version 1 reappeared. What type of tool should Susan implement to help avoid this issue in the future?
D. Source control management
20. What term is used to describe high-level requirements in Agile development efforts?
D. User stories
17. Lauren wants to insert data into the response from her browser to a web application. What type of tool should she use if she wants to easily make manual changes in what her browser sends out as she interacts with the website?
A. An interception proxy
18. What type of testing focuses on inserting problems into the error-handling processes and paths in an application?
A. Fuzzing
8. Precompiled SQL statements that only require variables to be input are an example of what type of application security control?
A. Parameterized queries
10. What Agile process is used to determine whether application development is occurring at the speed that was expected?
A. Velocity tracking
1. Angela's software development team is working on a large-scale control package that will run a nuclear power plant for multiple decades. They want to select an SDLC that fits their needs, which include careful upfront planning and analysis, without any anticipated change during the coding process. What SDLC model should she choose?
A. Waterfall
12. Kristen wants to implement code review but has a distributed team that works at various times during the day. She also does not want to create any additional support load for her team with new development environment applications. What type of review process will work best for her needs?
B. Pass-around
4. After a major patch is released for the web application that he is responsible for, Sam proceeds to run his web application security scanner against the web application to verify that it is still secure. What is the term for the process Sam is conducting?
B. Regression testing
3. Adam is conducting software testing by reviewing the source code of the application. What type of code testing is Adam conducting?
B. Static code analysis
2. During a Fagan code inspection, which process can redirect to the planning stage?
C. Meeting
19. What type of code review requires two programmers, one of whom explains their code to the other developer?
C. Over-the-shoulder
6. Charles is worried about users conducting SQL injection attacks. Which of the following solutions will best address his concerns?
C. Performing user input validation
9. What process checks to ensure that functionality meets customer needs?
C. UAT
15. When is the Agile sprint shown in the previous graphic complete?
C. When customers agree that the task is done
16. What process is used to ensure that an application can handle very high numbers of concurrent users or sessions?
D. Load testing
11. Using TLS to protect application traffic helps satisfy which of the OWASP 2016 best practices?
D. Protect data