CompTIA Security Plus Mock Test Q733

Which of the following pseudo codes can be used to handle program exceptions?

A. If program detects another instance of itself, then kill program instance.
B. If user enters invalid input, then restart program.
C. If program module crashes, then restart program module.
D. If user’s input exceeds buffer length, then truncate the input.

Correct Answer: C
Section: Application, Data and Host Security

Exception handling is an aspect of secure coding. When errors occur, the system should revert to a secure state. This behavior must be coded into the system by the programmer, and the handling should capture all errors and exceptions that could cause the application or its modules to crash. Restarting the application or module would ensure that the application reverts to a secure state.

Incorrect Answers:
A: Checking whether a program is already running is not a form of error or exception handling.
B, D: These are examples of input validation.

Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 230, 234