RCR 080: Creating a Secure Development Environment - CISSP Training and Study!

Published: March 9, 2020, 5 p.m.

Shon Gerber from ShonGerber.com provides you the information and knowledge you need to prepare and pass the CISSP Exam while providing the tools you need to enhance your cybersecurity career.  Shon utilizes his expansive knowledge while providing superior training from his years of training people in cybersecurity. 

In this episode, Shon will provide CISSP training for Domain 8 (Software Development Security) of the CISSP Exam.  His extensive training will cover all of the CISSP domains.

BTW - Get access to all my CISSP Training Courses here at:  https://shongerber.com/ 

CISSP Exam Questions

Question:  122

What type of reconnaissance attack provides attackers with useful information about the services running on a system?

  1. A) Session hijacking
  2. B) Port scan
  3. C) Dumpster diving
  4. D) IP sweep

Port scan

Port scans reveal the ports associated with services running on a machine and available to the public.

From https://www.brainscape.com/flashcards/software-development-security-976024/packs/1774328


Question:  123

What technology does the Java language use to minimize the threat posed by applets?

  1. A) Confidentiality
  2. B) Encryption
  3. C) Stealth
  4. D) Sandbox



The Java sandbox isolates applets and allows them to run within a protected environment, limiting the effect they may have on the rest of the system.

From https://www.brainscape.com/flashcards/software-development-security-976024/packs/1774328


Question:  124

What is the most effective defense against cross-site scripting attacks?

  1. A) Limiting account privileges
  2. B) Input validation
  3. C) User authentication
  4. D) Encryption

Input validation

Input validation prevents cross-site scripting attacks by limiting user input to a predefined range. This prevents the attacker from including the HTML

From https://www.brainscape.com/flashcards/software-development-security-976024/packs/1774328



Want to find Shon elsewhere on the internet?

LinkedIn – www.linkedin.com/in/shongerber

Facebook - https://www.facebook.com/CyberRiskReduced/