Using the Vulnerability Assessment Process Flow diagram,identify which of the seven areas of security best apply to eachscenario. Select all that apply.
1. The network team of your organization has just sent out anotification that denial-of-service attacks are on the rise. As thedeveloper, you are tasked with ensuring the program code could notbe used to cause excessive resource utilization during adenial-of-service attack. One suggestion from the security team isto implement the Execute Around Method pattern for Java.
2. As one developer on a team of several developers of a largeweb application using the Spring framework, you are tasked withimplementing an expressive command input function for theapplication. You are told the team is using version 2.6.5 of theSpring framework, and you want to use the Spring ExpressionLanguage to accomplish your task.
3. As the developer for a several-tier web application, you aretasked with development of a Java class for accessing therelational database layer using Transport Layer Security, a newversion of Secure Sockets Layer (SSL). The class functionalityneeds to support several database connections with differentauthentication IDs. If the database authentication fails, thesystem needs to be notified.
4. During a recent agile scrum sprint planning meeting, you weretasked with ensuring customers can access the secure shell serverto enable secure file transfer operations.
5. As the agile security officer for a financial company, youneed to ensure the organization’s use of secure communicationchannels to customers both domestic and international meetgovernment export regulations.
Input Validation: Secure input and representations | |
APIs: Secure API interactions | |
Cryptography: Encryption use and vulnerabilities | |
Client/Server: Secure distributed computing | |
Code Error: Secure error handling | |
Code Quality: Secure coding practice/patterns | |
Encapsulation: Secure data structures |
Vulnerability Assessment Process Flow diagram:
