Developers often think of software quality in terms of faults and failures. Faults are problems, such as loops that never terminate or misplaced commas in statements, that developers can see by looking at the code. Failures are problems, such as a system crash or the invocation of the wrong function, that are visible to the user. Thus, faults can exist in programs but never become failures,
because the conditions under which a fault becomes a failure are never reached. How do software vulnerabilities fit into this scheme of faults and failures? Is every fault a vulnerability? Is every vulnerability a fault?
What will be an ideal response?
Vulnerabilities
are
both.
Not
every
vulnerability
will
be
visible
to
developers,
since,
for
example,
vulnerabilities
may
exist
because
of
context
of
use.
(For
example,
consider
a
program
that
displays
warning
messages
about
credit
card
authorization
failures.
Displaying
this
information
is
not
a
vulnerability
if
only
clerks
can
see
the
screen.)
Not
every
fault
that
developers
can
see
is
a
vulnerability;
some
faults
might
be
in
code
that
cannot
be
reached.
You might also like to view...
When you change the margins, Word automatically adjusts line wrapping and repaginates your document. ____________________
Answer the following statement true (T) or false (F)
A volume that acts as the disk witness must be accessible to all cluster nodes through the cluster shared storage network.
Indicate whether the statement is true or false.
The ____ signal continues a process that was stopped with the STOP signal.
A. SIGKILL B. SIGHUP C. SIGINT D. SIGCONT
In a FLWOR query structure, the _____ clause sorts the items in the sequence based on a supplied expression.
A. ?for B. ?let C. ?where D. ?order by