Hi Need some help with the below question.
Most software vulnerabilities exist because of a lack of secure or defensive coding practises used by developers. Which of the following is not considered a secure coding technique. (Choose all that apply)
A. Using immutable systems
B. Using stored procedures
C. Using code signing
D. Using Server side validation
E Optimizing file sizes
F Using third-party software libraries.
Answer Key reveals ABCD. But I think the "NOT" was not considered.
Not to sound snarky but the answers in the appendix do a fantastic job at explaining the answers.
That said, I found some errors within multiple books and reported them to the publishers.
Good luck!
A using immutable system is not secure coding technique.
I messaged ISC2 for the answer and still waiting on a response.
Is this it:
(in case the url is removed: it is from wiley dot com in an errata section of the book --google the name of the book and errata)
"This should read:
40. B, C, D. Programmers need to adopt secure coding practices, which include using stored procedures, code signing, and server-side validation."
This could still be wrong, and it may fit with the claim they forgot the "not"
In the context of secure coding techniques, the following options are not considered secure coding practices:
E. Optimizing file sizes
F. Using third-party software libraries
While optimizing file sizes can improve performance, it does not directly relate to security practices. Similarly, using third-party software libraries can introduce vulnerabilities if those libraries are not properly vetted or maintained.
The other options—using immutable systems, stored procedures, code signing, and server-side validation—are all considered secure coding practices.