William is the lead programmer for Gummerson, Inc., a software company located in San
Francisco. Gummerson is looked upon as one of the leading software development companies for
medical and health related applications. William believes that his company is so successful
because they believe in involving the user or client in the design and development of the
programs. What software development methodology does Gunnerson, Inc. use when creating
applications for clients?

Harold is writing a J2ME program that run an inventory application on his company’s PDAs.
Employees will use their PDA to scan barcodes into the program Harold is writing. Harold is very
concerned about securing his program’s code and ensuring its integrity once it is utilized. Harold
particularly wants to stop the execution of class files loaded in the virtual machine in any way,
what is not allowed by java virtual machine specification. What level of J2ME security should

Harold implement to accomplish this?

Harold is creating an Oracle Label Security Policy on his server. He has define the policy and
defined the components of the labels already. Now Harold creates the labels dynamically using
the TO_DATA_LABEL function:
INSERT INTO emp (ename, empnum, hr_label)
VALUES (‘FGRIFFIN’, 10 to_data_label (‘HR’, ‘SENSITIVE’));
Harold gets an error reffering to permission when he tries to run this function. What authority must
Harold have to run the TO_DATA_LABEL function?

Yancey has just finished downloading the Valgrind suite to use in his application development.
Yancey is most concerned about the possibility of memory-management issues in his programs.
What tool included in Valgrind suite can Yancey use to detect memory-management related
issues?

If a developer wrote the following code, what would the script be vulnerable to?
#include <stdio.h>
int main(int argc, char **argv)
{
int number = 5;
printf(argv[1]);
putchar(‘\n’);
printf(“number (%p) is equal to %d\n”, &value, value);
}