Suppose a program to print paychecks secretly leaks a list of names of employees earning more than a certain amount each month. What controls could be instituted to limit the vulnerability of this leakage?
What will be an ideal response?
Example
controls:
Screening
all
output;
splitting
the
program
into
two,
written
by
separate
teams,
each
processing
half
of
the
input
each
month;
code
reviews
during
development;
testing
to
exercise
all
branches
in
the
source
code.
Note
that
these
controls
are
not
perfect.
Note
also
that
it
is
much
easier
to
limit
the
vulnerability
if
one
knows
or
suspects
it
exists
instead
of
hypothesizing
such
a
vulnerability
exists
and
seeking
to
confirm
the
hypothesis.
You might also like to view...
A user can permanently remove a database record by clicking or tapping the ____ button on the navigation toolbar.
A. Remove B. Exit C. Delete D. Purge
Write PL/SQL block that asks user to input first number, second number and an arithmetic operator (+, -, *, or /). If operator is invalid, throw and handle a user-defined exception. If second number is 0 and the operator is /, handle ZERO_DIVIDE predefined server exception.
What will be an ideal response?