Which of the following pseudocodes can be used to handle program exceptions?
A.
If program detects another instance of itself, then kill program instance.
B.
If user enters invalid input, then restart program.
C.
If program module crashes, then restart program module.
D.
If user’s input exceeds buffer length, then truncate the input.
I have no ideal of how I was supposed to learn this from the comptia Security+ study guide.
0
0
Me either. And I’ve read Daniel’s book. Nothing in there from this unless I’ve overlooked.
0
0
What worries me the most in this exam is not “pseudocodes.” I think that “pseudo questions” are much worse.
We need to take a look at some definitions:
PSEUDOCODE:
Pseudocode is an informal high-level description of the operating principle of a computer program or other algorithm. It uses the structural conventions of a programming language, but is intended for human reading rather than machine reading. In other words, a pseudo code is COMMENT that humans are able to read.
EXCEPTION HANDLING:
Exception handling is the process of responding to the occurrence, during computation, of exceptions – anomalous or exceptional conditions requiring special processing – often changing the normal flow of program execution. Exception handling is an aspect of secure coding. In short, when errors occur, the system should revert back to a secure state.
So in a convoluted way, the question says that should the app crash, we must provide instructions on how to revert the program to its original secure state.
A-killing the program instance kills the program but it will not cause it to revert back to its original secure state.
B- A user entering an invalid input may or may not cause the app to hang. This has to do with input validation more than with Exception handling, unless entering an invalid input causes an exception.
D- “If user’s input exceeds buffer length, then truncate the input” sounds like technical gobbledygook to me. Furthermore “truncating the input” will not cause the app to revert back to its original secure state.
Exception handling is an aspect of secure coding. When errors occur, the system should revert back to a secure state.
This must be coded into the system by the programmer, and should capture all errors and exceptions that could cause the application or its modules to crash.
Restarting the application or module would ensure that the application reverts back to a secure state.
THIS IS NOT A SECURITY+ QUESTION.
0
0