Your company is going to launch a new version of a banking application. To ensure an appropriate security posture, the team performed penetration tests using accounts with varying levels of access. Which of the following would be the best additional step to take?
A. Code review across critical modules
B. Performance testing
C. Port scanning in the network for open ports
D. Review all patch levels on all servers
D
Explanation: While all options are security related and good ideas, the most pressing need with respect to this applications is code review.
You might also like to view...
A JAD session involves:
A) casual planning, since the interaction between users is when the activity occurs in a creative fashion. B) using a session leader that has excellent communication skills. C) having a systems analyst as a session leader. D) note-taking by all the individuals within the session.
Which of the following is true for the submit button?
A. The button must have the text "submit" on it. B. The button cannot be styled. C. The button does not require a label element. D. The button must have an orange background.
By ensuring your data is consistent and accurate, you are enhancing the usability of your data
Indicate whether the statement is true or false
Which of the following is the best example of a threat agent?
A. A poor configuration in the authentication system B. A zero-day attack C. A flaw in the source code of a firewall D. A disgruntled employee