Order Description

Question 1

What are formal methods for secure and robust programs?

• Making a convincing argument that the source code is correct
• Using some rigorous method like math to prove the source code is correct
• Having the source code certified correct by a trusted party
• Testing the executable by ensuring every control path is taken

Question 2

Which of the following should you check for? (Select all that apply.)

• When computing x * y, check that x and y are both signed.
• When computing x % y, check that x and y are both positive.
• When computing x / y, check that y is not 0.
• When computing array[++i], check that i is not the index of the last element of the array.

Question 3

Which of the following is true for informal methods?

• An informal method gives a hand waving description of why the program works.
• An informal method gives a proof of correctness of a program.
• An informal method gives a strong argument for correctness of a program.
• An informal method gives a proof of correctness assuming any assumptions are true.

Question 4

Which of the following is NOT true for ad hoc methods?

• Ad hoc methods do not give proofs of correctness.
• Ad hoc methods test the program so that all paths of control are exercised.
• Ad hoc methods may say a program is correct when, in reality, it is not.
• Ad hoc methods give weak arguments of correctness.

Question 5

• Why are checklists for secure programming helpful?
• Checklists are a good reminder of what needs to be done.
• A checklist is helpful for writing secure code, but not for validating that a program is a secure one.
• Anyone can use a checklist to write secure code.
• Using a checklist requires some understanding of programming and systems, but not of secure coding.

Question 6

For a function, the precondition states ___________; the postconditon states __________.

• what is relevant to the function and is true...what the function actually does
• what is assumed when the function is called...what the function will do, assuming the preconditions are satisfied
• what the programmer wants the function to do...what the programmer believes the function will do
• any constraints on the parameters of the function...whether the arguments actually passed to the function satisfy the precondition

Question 7

Why do you log enough information about a login to reconstruct the login actions?

• Because you want to be able to determine when the most login activity occurs
• Because you want to be able to figure out whether an attempt to login is rejected
• Because you want to be able to audit the login attempt and verify the cleartext password is the correct one
• Because you want to be able to determine what happened should an unauthorized login succeed

Question 8

Which of the following indicates a poorly structured program?

• Modularizing security-relevant elements so each module performs exactly one security-related function
• Making the connections between security-related modules and other security-related modules (and non-security related modules) difficult for an analyst, and hence an attacker, to figure out.
• Making the security-related parts of the program as simple as possible
• Separating the security-related and non-security-related parts of the program into different sets of modules.