After being notified of a vulnerability in the company’s online payment system, the Product Security Incident Response Team (PSIRT) was unable to recreate the vulnerability in a testing lab.
What is the response team’s next step?
Which category classifies identified threats that have some defenses in place and expose the application to limited exploits?
A security architect is creating a data flow diagram and draws an arrow between two circles.
What does the arrow represent?
What is the protection of information and information systems from unauthorized access, use, disclosure, disruption, modification, or distribution to provide confidentiality, integrity, and availability?
Which category classifies identified threats that have defenses in place and do not expose the application to exploits?
Which type of security analysis is limited by the fact that a significant time investment of a highly skilled team member is required?
A public library needs to implement security control on publicly used computers to prevent illegal downloads.
Which security control would prevent this threat?
Which type of manual code review technique is being used when the reviewer starts at an input control and traces its value through the application to each of the value's outputs?