(ISC)2(ISC)2
CSSLP · Question #7
CSSLP Question #7: Real Exam Question with Answer & Explanation
Sign in or unlock CSSLP to reveal the answer and full explanation for question #7. The question stem and answer options stay visible for context.
Secure Software Architecture and Design
Question
Microsoft software security expert Michael Howard defines some heuristics for determining code review in "A Process for Performing Security Code Reviews". Which of the following heuristics increase the application's attack surface? Each correct answer represents a complete solution. Choose all that apply.
Options
- ACode written in C/C++/assembly language
- BCode listening on a globally accessible network interface
- CCode that changes frequently
- DAnonymously accessible code
- ECode that runs by default
- FCode that runs in elevated context
Unlock CSSLP to see the answer
You've previewed enough free CSSLP questions. Unlock CSSLP for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.
Topics
#Attack Surface Management#Security Heuristics#Secure Software Design#Threat Modeling