Chapter 20 Software Development Security

Domain 3 & 8

Written Lab

  1. What is the main purpose of a primary key in a database table?

    The primary key uniquely identifies each row in the table.

  2. What is polyinstantiation?

    Polyinstantiation is a database security technique that appears to permit the insertion of multiple rows sharing the same uniquely identifying information.

  3. Explain the difference between static and dynamic analysis of application code.

    Static analysis performs assessment of the code itself, analyzing the sequence of instructions for security flaws.

    Dynamic analysis tests the code in a live production environment, searching for runtime flaws.

  4. Why should both static and dynamic analysis of application code be used together whenever possible?

    Static and dynamic analysis each have the potential to uncover different types of security and design flaws. When the testers have access to the application code, they should conduct both static and dynamic testing. Reading code is a lot different from executing it.

  5. Explain the difference between supervised and unsupervised machine learning.

    p.985