Absolute Free Secure-Software-Design Exam Practice for Comprehensive Preparation 

The security team is reviewing all noncommercial software libraries used in the new product to ensure they are being used according to the legal specifications defined by the authors. What activity of the Ship SDL phase is being performed? 

The software security team is performing security testing for a new software product that is close to production release. They are concentrating on integrations between the new product and database servers, web servers, and web services. Which security testing technique is being used?

object was transmitted to the POST endpoint of the API as a human-readable JSON object.

How should existing security controls be adjusted to prevent this in the future?

Automated security testing was performed by attempting to log in to the new product with a known username using a collection of passwords. Access was granted after a few hundred attempts. How should existing security controls be adjusted to prevent this in the future?

member performed an assessment on a reported vulnerability in the company's claims intake component. The

base score of the vulnerability was 3.5 and changed to 5.9 after adjusting temporal and environmental metrics.

Which rating would CVSS assign this vulnerability?