Which of the following lists the software development phases in the correct order?

Home > Articles > Other IT Certifications > CISSP

This chapter gives you some specific areas of knowledge to be familiar with for the CISSP exam and provides sample questions to test your familiarity with those areas.

This chapter is from the book 

The Software Development Security domain is concerned with the security controls used by applications during their design, development, and use. Individuals studying this domain should understand the security and controls of application security, which includes the systems development process, application controls, and knowledge-based systems. Test candidates should also understand the concepts used to ensure data and application integrity. The following list gives you some specific areas of knowledge to be familiar with for the CISSP exam:

SDLC (software development life cycle)
Change (life cycle) management
Database security
Artificial Intelligence systems
Mobile code
Malware, viruses, and worms

Practice Questions

Which of the following is not a valid database management system model?

A.

The hierarchical database management system

B.

The structured database management system

C.

The network database management system

D.

The relational database management system

Quick Answer: 259
Detailed Answer: 260
During which stage of the software development life cycle should security be implemented?

A.

Development

B.

Project initiation

C.

Deployment

D.

Installation

Quick Answer: 259
Detailed Answer: 260
In which software development life cycle phase do the programmers and developers become deeply involved and do the majority of the work?

A.

System Design Specifications

B.

Software Development

C.

Operation and Maintenance

D.

Functional Design Analysis and Planning

Quick Answer: 259
Detailed Answer: 260
In the software development life cycle, what is used to maintain changes to development or production?

A.

Certification

B.

Audit control team

C.

Manufacturing review board

D.

Change control

Quick Answer: 259
Detailed Answer: 260
What is the most-used type of database management system?

A.

The hierarchical database management system

B.

The structured database management system

C.

The network database management system

D.

The relational database management system

Quick Answer: 259
Detailed Answer: 260

Place the software development life cycle phases in the proper order.

	A.	Initiation, software development, functional design analysis, operation, installation, disposal
	B.	Initiation, software development, functional design analysis, installation, operation, disposal
	C.	Initiation, functional design analysis, software development, installation, operation, disposal
	D.	Initiation, functional design analysis, software development, operation, installation, disposal

Quick Answer: 259

Detailed Answer: 260

Which of the following statements about Java applets is correct?

A.

They are downloaded from a server.

B.

They are not restricted in computer memory.

C.

They are run from the browser.

D.

They are executed by your system.

Quick Answer: 259
Detailed Answer: 260
Which of the following is a valid system development methodology?

A.

The spring model

B.

The spiral model

C.

The production model

D.

The Gantt model

Quick Answer: 259
Detailed Answer: 260

Which of the following best describes the Waterfall model?

	A.	The Waterfall model states that development is built one stage at a time, at which point the results flow to the next stage.
	B.	The Waterfall model states that development should progress in a parallel fashion, with a strong change control process being used to validate the process.
	C.	The Waterfall model states that the development process proceeds in a series of discrete steps, each completed before proceeding to the next.
	D.	The Waterfall model states that all the various phases of software development should proceed at the same time.

Quick Answer: 259

Detailed Answer: 260

Your friend is trying to learn more about databases and their structure. She wants to know what a tuple is.

	A.	A description of the structure of the database
	B.	A “row” in a relational database that might be viewed as being similar to a “record” in a flat file
	C.	An ordered set of values within a row in the database table
	D.	Something that uniquely identifies each row in a table

Quick Answer: 259

Detailed Answer: 260

Which of the software development life cycle phases is the point at which new systems need to be configured and steps need to be taken to make sure that security features are being used in the intended way?

A.

System Design Specifications

B.

Operation and Maintenance

C.

Functional Design Analysis and Planning

D.

Installation and Implementation

Quick Answer: 259
Detailed Answer: 260
Your CISSP study group has asked you to research information about databases. Specifically, they want you to describe what metadata is. What is your response?

A.

Metadata is data that describes data.

B.

Metadata is the data used in knowledge-based systems.

C.

Metadata is used for fraud detection.

D.

Metadata is the data used for metadictionaries.

Quick Answer: 259
Detailed Answer: 261

Jamie, your assistant, is taking some classes on database controls and security features. She wants to know what aggregation is. How will you answer her?

	A.	It is the process of combining data into large groups that can be used for data mining.
	B.	It is the process of combining security privileges to gain access to objects that would normally be beyond your level of rights.
	C.	It is the process of combining items of low sensitivity to produce an item of high sensitivity.
	D.	It is the process of combining several databases to view a virtual table.

Quick Answer: 259

Detailed Answer: 261

What term describes users’ ability to infer or deduce information about data at sensitivity levels for which they do not have access privileges or rights?

A.

Views

B.

Inference

C.

Channeled view

D.

Presumption

Quick Answer: 259
Detailed Answer: 261

Which of the following best describes a database schema?

	A.	The structure of the database
	A.	The capability of different versions of the same information to exist at different classification levels within the database
	A.	An ordered set of values within a row in the database table
	A.	Something that uniquely identifies each row in a table

Quick Answer: 259

Detailed Answer: 261

Which type of malware is considered self-replicating?

A.

Boot sector

A.

Meme virus

A.

Script virus

A.

Worm

Quick Answer: 259
Detailed Answer: 261
Ashwin is building your company’s new data warehouse. In a meeting, he said, “Data in the data warehouse needs to be normalized.” What does this mean?

A.

Data is divided by a common value.

A.

Data is restricted to a range of values.

A.

Data is averaged.

A.

Redundant data is removed.

Quick Answer: 259
Detailed Answer: 261
Which of the following best describes the term “data dictionary”?

A.

A dictionary for programmers

B.

A database of databases

C.

A virtual table of the rows and tables from two or more combined databases

D.

A dictionary used within a database

Quick Answer: 259
Detailed Answer: 261

Which of the following best describes data mining?

	A.	The use of data to analyze trends and support strategic decisions
	B.	The use of data to determine how the information was collected and formatted
	C.	The process of querying databases for metadata
	D.	The process of adjusting the granularity of a database search

Quick Answer: 259

Detailed Answer: 261

Jerry has top-secret access to a database and can see that the USS Yorktown has left for Iraq. Ted has only public access to the same database. He can see that the ship has left port. However, the record shows that it is bound for Spain. What is this called?

A.

Polyinstantiation

B.

Tuple

C.

Schema

D.

Knowledgebase system

Quick Answer: 259
Detailed Answer: 261
Which of the software development life cycle phases is the point at which a project plan is developed, test schedules are assigned, and expectations of the product are outlined?

A.

Software Development

B.

Functional Design Analysis and Planning

C.

Project Initiation

D.

System Design Specifications

Quick Answer: 259
Detailed Answer: 261
Data checks and validity checks are examples of what type of application controls?

A.

Preventive

B.

Constructive

C.

Detective

D.

Corrective

Quick Answer: 259
Detailed Answer: 261
Which of the following is not a valid form of application control?

A.

Preventive

B.

Constructive

C.

Detective

D.

Corrective

Quick Answer: 259
Detailed Answer: 261
What document guarantees the quality of a service to a subscriber by a network service provider, setting standards on response times, available bandwidth, and system up times?

A.

Service-level agreement

B.

Service agreement

C.

Business continuity agreement

D.

Business provider agreement

Quick Answer: 259
Detailed Answer: 261
Which of the following is not one of the three main components of a SQL database?

A.

Views

B.

Schemas

C.

Tables

D.

Object-oriented interfaces

Quick Answer: 259
Detailed Answer: 261
Cyclic redundancy checks, structured walk-throughs, and hash totals are examples of what type of application controls?

A.

Detective

B.

Preventive

C.

Error checking

D.

Parity

Quick Answer: 259
Detailed Answer: 261
Christine has been alerted by her IDS that a web server on her network was attacked. While examining a trace of the ICMP traffic, she noticed that the attacker’s packets were addressed to the network broadcast address and were spoofed to be from her web server. What type of attack has she been subjected to?

A.

Smurf

B.

LAND

C.

Fraggle

D.

SYN flood

Quick Answer: 259
Detailed Answer: 262
Which of the following best describes the OS protection mechanism that mediates all access that subjects have to objects to ensure that the subjects have the necessary rights to access the objects?

A.

Accountability control

B.

Reference monitor

C.

Security kernel

D.

Security perimeter

Quick Answer: 259
Detailed Answer: 262

Which of the following describes mobile code?

	A.	Code that can be used on a handheld device
	B.	Code that can be used on several different platforms, such as Windows, Mac, and Linux
	C.	Code that can be executed within a network browser
	D.	A script that can be executed within an Office document

Quick Answer: 259

Detailed Answer: 262

Black Hat Bob has just attacked Widget, Inc.’s network. Although the attack he perpetrated did not give him access to the company’s network, it did prevent legitimate users from gaining access to network resources. What type of attack did he launch?

A.

Spoofing

B.

TOC/TOU

C.

ICMP redirect

D.

DoS

Quick Answer: 259
Detailed Answer: 262
Java-enabled web browsers allow Java code to be embedded in a web page, downloaded across the Net, and run on a local computer. This makes the security of the local computer a big concern. With this in mind, how does the Java runtime system ensure secure execution of the Java code?

A.

Digital certificates

B.

Sandbox

C.

Applet boundaries

D.

Defense-in-depth

Quick Answer: 259
Detailed Answer: 262

Chandra wants to learn more about the Software Capability Maturity Model. Help her put the five levels of this model in the proper order, from 1 to 5.

	A.	Initiating, defined, repeatable, optimizing, managed
	B.	Initiating, defined, repeatable, managed, optimizing
	C.	Initiating, repeatable, defined, managed, optimizing
	D.	Initiating, repeatable, defined, optimizing, managed

Quick Answer: 259

Detailed Answer: 262

Which of the following Software CMM levels is the step at which project management processes and practices are institutionalized and locked into place by policies, procedures, and guidelines?

A.

Defined

B.

Repeatable

C.

Initiating

D.

Managed

Quick Answer: 259
Detailed Answer: 262
Which of the following technologies establishes a trust relationship between the client and the server by using digital certificates to guarantee that the server is trusted?

A.

ActiveX

B.

Java

C.

Proxy

D.

Agent

Quick Answer: 259
Detailed Answer: 262
What is the process of cataloging all versions of a component configuration called?

A.

The configuration library

B.

The component library

C.

The catalog database

D.

The software component library

Quick Answer: 259
Detailed Answer: 262

Which of the following best describes a covert storage channel?

	A.	It is a communication channel that violates normal communication channels.
	B.	It is a storage process that writes to storage in an unauthorized manner that typically is undetectable and written through an unsecure channel.
	C.	It is a communication path that allows two processes to access the same storage and allows the contents to be read through a separate, less-secure channel.
	D.	It is a storage process that requires the application of a root kit.

Quick Answer: 259

Detailed Answer: 262

Which of the following is not one of the three ways in which inference can be achieved?

A.

Preventive

B.

Deductive

C.

Abductive

D.

Statistical

Quick Answer: 259
Detailed Answer: 262
Raj has been studying database security features. He reads that two control policies are used to protect relational databases. He remembers that one is MAC, but he has forgotten the second one. Which one is it?

A.

PAC

B.

DAC

C.

SAC

D.

RBAC

Quick Answer: 259
Detailed Answer: 263
Boyd just downloaded a game from a peer-to-peer network. Although the game seemed to install OK, his computer now is acting strangely. The mouse cursor moves by itself, URLs are opening on their own, and his web camera keeps turning itself on. What has happened?

A.

A logic bomb was installed.

B.

A RAT (Remote-Access Trojan) was installed.

C.

A DDoS client was installed.

D.

An email virus was installed.

Quick Answer: 259
Detailed Answer: 263

What is the goal of CRM?

	A.	To learn the behavior and buying habits of your customers
	B.	To search for recurrences in data that can aid in making predictions about future events
	C.	To uncover events that are interconnected
	D.	To hunt for instances of events that are followed up by other events after a certain period

Quick Answer: 259

Detailed Answer: 263

What technology is based on the methods by which the human brain is believed to work?

A.

Neutron networks

B.

Fuzzy logic

C.

Neuron networks

D.

Neural technology

Quick Answer: 259
Detailed Answer: 263

Now that your organization is preparing to retire its mainframe systems, you are asked to look at a distributed system as the replacement. What five requirements should a distributed system meet?

	A.	Interoperability, scalability, transparency, extensibility, control
	B.	Interoperability, portability, transparency, extensibility, security
	C.	Interoperability, portability, transparency, extensibility, control
	D.	Interoperability, scalability, transparency, extensibility, security

Quick Answer: 259

Detailed Answer: 263

George receives an email that did not come from the individual listed in the email. What is the process of changing email message names to look as though they came from someone else?

A.

Spoofing

B.

Masquerading

C.

Relaying

D.

Redirecting

Quick Answer: 259
Detailed Answer: 263
Raj is still studying database design and security. Can you tell him what cardinality means?

A.

The number of rows in a relation

B.

The number of fields in a relation

C.

The number of attributes in a field

D.

The number of attributes in a relation

Quick Answer: 259
Detailed Answer: 263
Wes asks you to help him prepare a practice test for your CISSP study group. Can you tell him which of the following relationships is incorrect?

A.

Relation = table

B.

Record = attribute

C.

Tuple = row

D.

Attribute = column

Quick Answer: 259
Detailed Answer: 263
Joey has been reading about databases and application security. He has asked you to define perturbation for him. Which of the following offers the best answer?

A.

It is used to protect against polyinstantiation.

B.

It is a tool used to prevent aggregation.

C.

It is a tool used to aid in data mining.

D.

It is a tool used to fight inference attacks.

Quick Answer: 259
Detailed Answer: 263
SubSeven and NetBus typically are placed in which of the following categories?

A.

Virus

B.

Trapdoor

C.

Backdoor

D.

Malware

Quick Answer: 259
Detailed Answer: 263
Jennifer’s network has been hit by the following attack pattern: The attacker made many connection attempts to FTP. Each time, the handshake was not completed, and the source addresses were spoofed. The result was that legitimate users could not FTP to that computer. Which type of attack does this attack pattern match?

A.

ACK attack

B.

Teardrop

C.

Fraggle

D.

SYN flood

Quick Answer: 259
Detailed Answer: 263
What is the point in the software development life cycle phase at which information may need to be archived or discarded and a team may be assembled to examine ways to improve subsequent iterations of this or other products?

A.

Revision and Replacement

B.

Functional Design Analysis and Planning

C.

Disposal and Postmortem Review

D.

System Design Specifications

Quick Answer: 259
Detailed Answer: 263
Which type of virus can spread by multiple methods?

A.

Multipartite

B.

Polymorphic

C.

Double partite

D.

Prolific

Quick Answer: 259
Detailed Answer: 264
Polyinstantiation is a solution used by which of the following to remedy multiparty update conflicts?

A.

Database locking

B.

SODA

C.

GREP

D.

Belief-based model

Quick Answer: 259
Detailed Answer: 264
The following security labels exist on a network operating in a multilevel security mode:
Label

Jack

John

File A

File B

File C

File D

Sensitivity

Top-Secret

Secret

Secret

Secret

Top-Secret

Top-Secret

Categories

North

East

East

East

East

North

South

West

West

West

East

West

Jack edits file B and file C simultaneously and then saves both. Which files can John now access?

A.

Files A, B, C, and D

B.

Files A, B, and C

C.

Files A and B

D.

File A

Quick Answer: 259
Detailed Answer: 264
Which generation of code development is most likely to focus on constraints?

A.

Generation 5

B.

Generation 4

C.

Generation 3

D.

Generation 2

Quick Answer: 259
Detailed Answer: 264

The network administrator has been analyzing network reports and is convinced that the network has been the victim of a SYN flooding DoS attack. What evidence might have been discovered that would support this conclusion?

	A.	Customers reporting that their connection requests were rerouted to a malicious web server
	B.	The web server crashing with each request
	C.	Excessive traffic on the front-end load-balancing servers
	D.	IDS logs of incoming malformed packets

Quick Answer: 259

Detailed Answer: 264

Which language, when used for development of your company’s front-end application, results in a program that is least likely to have vulnerable code?

A.

Machine code

B.

Assembler code

C.

C code

D.

SQL code

Quick Answer: 259
Detailed Answer: 264
In your corporation, it is critical that the metadata surrounding business data be revealed to only the proper authorities, even though all employees require access to the business data. Access to the metadata is being controlled through the use of views so that only the appropriate authorities have deeper access. What is this technique called?

A.

Encapsulation

B.

Polymorphism

C.

Instantiation

C.

Abstraction

Quick Answer: 259
Detailed Answer: 264
To prevent covert channels via race conditions, it is critical that software modules be able to execute independently of each other. What is this called?

A.

Low coupling and low cohesion

B.

Low coupling and high cohesion

C.

High coupling and low cohesion

D.

High coupling and high cohesion

Quick Answer: 259
Detailed Answer: 264
Expert systems use forward and reverse chaining that is based on what?

A.

The inference engine

B.

Certainty factors

C.

The rulebase

D.

Neural structures

Quick Answer: 259
Detailed Answer: 264

What is the most common problem related to audit logs?

	A.	Audit logs can be examined only by auditors.
	B.	Audit logs use parsing tools that distort the true record of events.
	C.	Audit logs are not backed up.
	D.	Audit logs are collected but not analyzed.

Quick Answer: 259

Detailed Answer: 264

When you’re dealing with mobile code and wireless devices, many security issues can arise. For example, when you’re working with wireless devices that are using Wireless Application Protocol (WAP), which of the following is the primary security concern?

	A.	WAP is not a secure protocol.
	B.	The web server that the wireless device is communicating with via SSL may have vulnerabilities.
	C.	The wireless device may have vulnerabilities in its OS.
	D.	The WAP gateway can be targeted by attackers.

Quick Answer: 259

Detailed Answer: 265

Which generation(s) of code is/are most likely to focus on the logic of the algorithms?

A.

Generation 5

B.

Generations 2, 3, and 4

C.

Generations 1 and 2

D.

Generations 1 and 5

Quick Answer: 259
Detailed Answer: 265
Which type of database combines related records and fields into a logical tree structure?

A.

Relational

B.

Hierarchical

C.

Object-oriented

D.

Network

Quick Answer: 259
Detailed Answer: 265
What type of database is unique because it can have multiple records that can be either parent or child?

A.

Relational

B.

Hierarchical

C.

Object-oriented

D.

Network

Quick Answer: 259
Detailed Answer: 265
Your colleague wants to know when the best point within the software development life cycle (SDLC) is to create a list of potential security issues. What do you tell her?

A.

Feasibility

B.

Development

C.

Design

D.

Requirements

Quick Answer: 259
Detailed Answer: 265

Which of the following are correct?

I.	The object linking and embedding database (OLE DB) is a replacement for open database connectivity (ODBC).
II.	ActiveX Data Objects (ADO) is an API that allows applications to access back-end database systems.
III.	Java Database Connectivity is a markup standard that is self-defining and provides a lot of flexibility in how data within the database is presented.
IV.	The data definition language (DDL) defines the structure and schema of the database.

	A.	I and IV
	B.	II, III, and IV
	C.	I, II, III, and IV
	D.	I, II, and IV

Quick Answer: 259

Detailed Answer: 265

How can referential integrity best be defined?

A.

Structural and semantic rules are enforced.

B.

Semantic rules are enforced.

C.

Structural rules are enforced.

D.

All foreign keys reference existing primary keys.

Quick Answer: 259
Detailed Answer: 265
Lenny is trying to determine how much money a new employee makes. His job in HR allows him to see total payroll by department but not by person. The individual he is curious about just started a month ago, so Lenny simply compares that department’s previous month’s total salary to the current month’s total salary. What has Lenny just done?

A.

Enumeration

B.

An inference attack

C.

Polyinstantiation

D.

Online transaction processing (OLTP)

Quick Answer: 259
Detailed Answer: 265

While browsing the company directory, you notice that your address is incorrect. To rectify the situation, you decide to modify the database that holds this information. Although the change seems to work, you notice later that the information has reverted to the previous, incorrect information. What do you believe is the source of the problem?

	A.	The user does not have modification rights.
	B.	The schema does not allow changes from the user’s machine.
	C.	Someone in personnel has put a lock on the cell.
	D.	Replication integrity is inaccurate due to mismatched times.

Quick Answer: 259

Detailed Answer: 265

Knowledge discovery is also known as what?

A.

Data warehousing

B.

Metadata

C.

Data mining

D.

Atomicity

Quick Answer: 259
Detailed Answer: 266

Which of the following statements are true?

I.	Data definition language (DDL) allows users to make requests of the database.
II.	Data manipulation language (DML) maintains the commands that enable a user to view, manipulate, and use the database.
III.	Query language (QL) defines the structure and schema of the database. The structure could mean the table size, key placement, views, and data element relationship.
IV.	The report generator creates printouts of data in a user-defined manner.

	A.	I and II
	B.	II and IV
	C.	II, III, and IV
	D.	I, II, III, and IV

Quick Answer: 259

Detailed Answer: 266

Jim’s new job at the headquarters of a major grocery store has him examining buyer trends. He uses the database to find a relationship between beer and diapers. He discovers that men over 20 are the primary buyers of these two items together after 10 p.m. What best describes Jim’s actions?

A.

Data warehousing

B.

Metadata

C.

Data mining

D.

Atomicity

Quick Answer: 259
Detailed Answer: 266

Your application developer has created a new module for a customer-tracking system. This module will result in greater productivity. The application has been examined and tested by a second person in the development group. A summary of the test shows no problems. Based on the results, which of the following is not a recommended best practice?

	A.	The new code should be passed to quality assurance personnel so that they can certify the application.
	B.	The application should be placed into operations and implemented.
	C.	An accrediting official should wait for the results of certification.
	D.	All changes must be logged in the change management database (CMDB).

Quick Answer: 259

Detailed Answer: 266

Which of the following describes verification and validation?

	A.	Verification verifies that the product meets specifications. Validation is the completion of the certification and accreditation process.
	B.	Verification measures how well the program or application solves a real-world problem. Validation verifies that the product meets specifications.
	C.	Verification verifies that the product meets specifications. Validation measures how well the program or application solves a real-world problem.
	D.	Verification verifies that the program or application meets certification requirements. Validation verifies that the product received accreditation.

Quick Answer: 259

Detailed Answer: 266

You are assigned to modify an application to address a specific problem with the current release of the program. When the change is complete, you notice that other modules that should not have been affected appear to be nonfunctional. What do you believe is the cause?

A.

The module has low cohesion.

B.

The module has high cohesion.

C.

The module is tightly coupled.

D.

The module is loosely coupled.

Quick Answer: 259
Detailed Answer: 266

Jake has become concerned that a citizen programmer in the group has developed code for others in the department. What should be your primary concern?

	A.	That the programs are tested by others in the department
	B.	That the programs have not been certified and verified
	C.	That a copy of the code is held in a library
	D.	That the code is adequately commented

Quick Answer: 259

Detailed Answer: 266

Which of the following statements is most correct?

	A.	Relational database parents can have only one child.
	B.	A relational database is designed so that a child can have only one parent.
	C.	A hierarchical database is designed so that a parent can have only one child.
	D.	A hierarchical database is designed so that a child can have only one parent.

Quick Answer: 259

Detailed Answer: 266

What level of the capability maturity model features quantitative process improvement?

A.

Managed

B.

Defined

C.

Repeatable

D.

Optimized

Quick Answer: 259
Detailed Answer: 266
Your company has just signed a software escrow agreement. Which of the following best describes this document?

A.

An offsite backup

B.

A form of maintenance agreement

C.

A form of insurance

D.

A clustered software service

Quick Answer: 259
Detailed Answer: 266
With regard to database operations, canceling a set of changes and restoring the database to its prior state is called what?

A.

Savepoint

B.

Commit

C.

Rollback

D.

Audit point

Quick Answer: 259
Detailed Answer: 267
The capability maturity model features five maturity levels that begin with initial. What is the proper order of the remaining four levels?

A.

Repeatable, defined, managed, optimized

B.

Managed, repeatable, defined, optimized

C.

Repeatable, managed, defined, optimized

D.

Defined, optimized, repeatable, managed

Quick Answer: 259
Detailed Answer: 267
Data that describes other data is called what?

A.

Metadata

B.

Nonatomic data

C.

Data structure

D.

Transaction processing

Quick Answer: 259
Detailed Answer: 267
In which database model do you perceive the database as a set of tables that are composed of rows and columns?

A.

Hierarchical

B.

Network

C.

Relational

D.

Object

Quick Answer: 259
Detailed Answer: 267
With a relational database management system, you can constrain what a particular application or user sees by using what?

A.

Schema

B.

Device media control language (DMCL)

C.

Data mine

D.

Database view

Quick Answer: 259
Detailed Answer: 267
Security controls must be considered at which phases of the software life cycle?

A.

Design analysis, software development, installation, and implementation

B.

Project initiation, software development, and operation maintenance

C.

Design specifications

D.

All of the above

Quick Answer: 259
Detailed Answer: 267
The change control process is structured so that various steps must be completed to verify that no undocumented, unapproved, or untested changes are implemented. Which of the following is the final step?

A.

Configure the hardware properly.

B.

Update documentation and manuals.

C.

Inform users of the change.

D.

Report the change to management.

Quick Answer: 259
Detailed Answer: 267
You are asked to develop an advanced program that will interact with users. You are asked to look at knowledge-based systems. As such, expert systems use what type of information to make a decision?

A.

if...then statements

B.

Weighted computations

C.

A process similar to that used by the human brain (reasoning)

D.

Weighted computations based on previous results

Quick Answer: 259
Detailed Answer: 267
Which of the following is considered a middleware technology?

A.

Atomicity

B.

OLE

C.

CORBA

D.

Object-oriented programming

Quick Answer: 259
Detailed Answer: 267
The CMMI contains how many process areas?

A.

4

B.

5

C.

20

D.

22

Quick Answer: 259
Detailed Answer: 267
At which level of the CMM are processes likely to be variable (inconsistent) and depend heavily on institutional knowledge?

A.

Level 1

B.

Level 2

C.

Level 3

D.

Level 4

Quick Answer: 259
Detailed Answer: 268
When dealing with expert systems, which of the following are valid methods for reasoning when using inference rules?
I.

Forward chaining

II.

Knowledge transparency

III.

Backward chaining

IV.

Knowledge representation

A.

II

B.

I and III

C.

I and IV

D.

I, II, III, and IV

Quick Answer: 259
Detailed Answer: 268
Which of the following is a project-development method that uses pairs of programmers who work off of detailed specifications?

A.

Waterfall

B.

Spiral

C.

Extreme

D.

RAD

Quick Answer: 259
Detailed Answer: 268
Jake is using a commercial program that is free to use without pay with only limited functionality. This is most correctly called what?

A.

Commercial software

B.

Freeware

C.

Shareware

D.

Crippleware

Quick Answer: 259
Detailed Answer: 268
Which of the following can best be described as byte-code?

A.

Java

B.

Assembly

C.

C language

D.

Fortran

Quick Answer: 259
Detailed Answer: 268
Which of the following is an example of open vendor-neutral middleware?

A.

OOA

B.

COM

C.

CORBA

D.

OOD

Quick Answer: 259
Detailed Answer: 268
Which of the following allows objects written with different OOP languages to communicate?

A.

OOA

B.

COM

C.

OOD

D.

CORBA

Quick Answer: 259
Detailed Answer: 268

Which of the following lists the software development phases in the correct order?

Practice Questions

zusammenhängende Posts

Which of the following accurately lists the three elements of the motivation process?

Which of the following choices lists the three main components of a computer’s hardware?

Is when two or more methods in the same class have the same name but different parameter lists?

Which of the following lists include all of the five characteristics common to high quality data?

Is a term to indicate when multiple methods are written with the same name but with different parameter lists?

Is a table that lists the quantities of a good a person will buy at each price that may be offered in the market?

Is a table that lists the qualities of a good a person will buy at each price that may be offered in the market?

Werbung

NEUESTEN NACHRICHTEN

What delivers applications over the cloud using a pay-per-use revenue model?

What processes convert data into information and information into knowledge?

Fuß umgeknickt keine Schwellung aber Schmerzen was tun

What can decrease the effectiveness of an mbo (management by objectives) system?

Wie viel kostet ein normales Ohrloch stechen?

Ein Colt für alle Fälle Klingelton Android

Gemeinschaft entwässerung wer ist für zuständig

Was ist der unterschied zwischen einem boot und einem schiff

Wann geht es weiter mit Outpost?

Wer ist bei lets danz faisal

Werbung

Populer

Werbung

Um

Legal

Hilfe

Sozial