Which of the following software review processes increases the software security by removing the common vulnerabilities, such as format string exploits, race conditions, memory leaks, and buffer overflows?
Suggested Answer: A code review is a systematic examination of computer source code, which searches for and resolves issues that occurred in the initial development phase. It increases software security by removing common vulnerabilities, such as format string exploits, race conditions, memory leaks, and buffer overflows. A code review is performed in the following forms: pair programming, informal walkthrough, and formal inspection.
Answer: C is incorrect. A peer review is an examination process in which the author and one or more colleagues examine a work product, such as a document, code, etc., and evaluate its technical content and quality. According to the Capability Maturity Model, peer review offers a systematic engineering practice in order to detect and resolve issues occurring in the software artifacts, and examination of a software product, software process, or a set of software processes for assessing compliance with specifications, standards, contractual agreements, or other specifications.
B. Code Review.
While Peer Review can also provide valuable insights towards improving security, it is not specifically designed to eliminate common vulnerabilities identified in the question. The primary goal of peer review is to ensure that code adheres to coding standards and team conventions while meeting functional requirements.
Peer reviews are typically performed by members of the same development team who collaborate on projects. Peers may catch errors that went unnoticed during programming or testing phases, but they may not be familiar with all current security best practices or up-to-date threats/targets. Code reviews for security purposes require specialized knowledge regarding known vulnerabilities and how attackers might exploit them, which a peer reviewer might not have.
Therefore, peer reviews complement (but do not replace) other software review processes such as management review, code review, and software audit review that address commonly-known cybersecurity concerns like format string exploits, race conditions, memory leaks, and buffer overflows by focusing explicitly on eliminating these types of weaknesses from within source codebases.
74gjd_37
5 months, 2 weeks ago
4e3rv21rq3vq2q
1 year, 8 months ago