Developers often think of software quality in terms of faults and failures. Faults are problems, such as loops that never terminate or misplaced commas in statements, that developers can see by looking at the code. Failures are problems, such as a system crash or the invocation of the wrong function, that are visible to the user. Thus, faults can exist in programs but never become failures, because the conditions under which a fault becomes a failure are never reached. How do software vulnerabilities fit into this scheme of faults and failures? Is every fault a vulnerability? Is every vulnerability a fault?
What will be an ideal response?
Vulnerabilities are both. Not every vulnerability will be visible to developers,since, for example, vulnerabilities may exist because of context of use. (For example, consider a program that displays warning messages about credit card authorization failures.
Displaying this information is nota vulnerability if only clerks can see the screen.)Not every fault that developers can see is a vulnerability; some faults might be in code that cannot be reached.
You might also like to view...
What Java package includes the class Scanner?
a. awt b. swing c. io d. util
Explain why it is important to use the right words when describing your problem to tech support.
What will be an ideal response?
____ a picture to display the Format Picture tab.
A. Double-click B. Click C. CONTROL-click D. Triple-click
Every time you click the Save button the Save As dialog box will ALWAYS appear
Indicate whether the statement is true or false