Re: Answer Explanation for Assessment Test Questio...

gopalk · ‎12-03-2021

Hi Need some help with the below question.

Most software vulnerabilities exist because of a lack of secure or defensive coding practises used by developers. Which of the following is not considered a secure coding technique. (Choose all that apply)

A. Using immutable systems

B. Using stored procedures

C. Using code signing

D. Using Server side validation

E Optimizing file sizes

F Using third-party software libraries.

gopalk · ‎12-03-2021

Answer Key reveals ABCD. But I think the "NOT" was not considered.

radhika_ajay · ‎02-15-2022

I think the answer should be a, e and f?

BrianF · ‎02-16-2022

Not to sound snarky but the answers in the appendix do a fantastic job at explaining the answers.

That said, I found some errors within multiple books and reported them to the publishers.

Good luck!

azekta · ‎02-23-2022

A using immutable system is not secure coding technique.

dpower · ‎06-04-2023

I messaged ISC2 for the answer and still waiting on a response.

JohnEricsson · ‎11-01-2023

Is this it:

(ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide, 9th Edition |...

(in case the url is removed: it is from wiley dot com in an errata section of the book --google the name of the book and errata)

"This should read:

40. B, C, D. Programmers need to adopt secure coding practices, which include using stored procedures, code signing, and server-side validation."

This could still be wrong, and it may fit with the claim they forgot the "not"

Answer Explanation for Assessment Test Question 40 Sybex Official Study Guide.