Qtr No. 213, New Town Yehlanka Indore 454775
Software for a networking device is written in the C programming language. The software is required to get input from the user. The programmers used the gets() function to read that input, and this led to a very serious vulnerability known as buffer overflow.
Note: gets() is already listed as a vulnerable/bad coding practice in the CERT Coding Guidelines, which recommend that developers use the newer fgets() instead of gets().
Which of the following Secure SDLC practices could have helped in preventing and/or detecting such issues? (Choose the TWO most appropriate options)
Deprecate unsafe functions
Source code scanning using Static Application Security Testing (SAST) tools
User risk assessment
Establish a disposal/transition plan
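The replacement the note above refers to, as an added example that is not part of the original question: a bounded line reader built on fgets() that also reports and discards over-long input. The names read_line, demo, the 8-byte buffers and the sample input are assumptions constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* The unsafe pattern from the scenario, shown only as a comment:
 *     char name[8];
 *     gets(name);   // no size argument: a longer line writes past name[]
 * gets() was removed from the C standard in C11. */

enum { LINE_OK = 0, LINE_TRUNCATED = 1, LINE_EOF = -1 };

/* Read one line into buf (size bytes, size >= 2). fgets() stores at most
 * size - 1 characters plus the terminating NUL, so buf cannot overflow. */
int read_line(FILE *in, char *buf, size_t size)
{
    if (fgets(buf, (int)size, in) == NULL)
        return LINE_EOF;                     /* end of input or read error */

    size_t len = strlen(buf);
    if (len > 0 && buf[len - 1] == '\n') {   /* the whole line fitted */
        buf[len - 1] = '\0';
        return LINE_OK;
    }
    /* No newline stored: discard the tail so it is not read as the next line. */
    int c, extra = 0;
    while ((c = fgetc(in)) != '\n' && c != EOF)
        extra = 1;
    return extra ? LINE_TRUNCATED : LINE_OK;
}

char demo_first[8], demo_next[8];            /* constructed 8-byte buffers */

/* Constructed harness: feeds `input` through a temporary file, not a real user. */
int demo(const char *input)
{
    FILE *f = tmpfile();
    if (f == NULL) return LINE_EOF;
    fputs(input, f);
    rewind(f);
    int status = read_line(f, demo_first, sizeof demo_first);
    if (read_line(f, demo_next, sizeof demo_next) == LINE_EOF)
        demo_next[0] = '\0';
    fclose(f);
    return status;
}

int main(void)
{
    int st = demo("AAAAAAAAAAAAAAAAAAAA\nadmin\n");  /* constructed over-long line */
    printf("status=%d first=\"%s\" next=\"%s\"\n", st, demo_first, demo_next);
    return 0;
}
```

A caller should treat LINE_TRUNCATED as rejected input rather than silently using the shortened value.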
admin@prepflix.in