Which of the following is the BEST course of action for a security analyst to recommend to the software developer?

The code snippet below controls all electronic door locks to a secure facility in which the doors should only fail open in an emergency. In the code, “criticalValue” indicates if an emergency is underway.

Which of the following is the BEST course of action for a security analyst to recommend to the software developer?
A. Rewrite the software to implement fine-grained, conditions-based testing
B. Add additional exception handling logic to the main program to prevent doors from being opened
C. Apply for a life-safety-based risk exception allowing secure doors to fail open
D. Rewrite the software’s exception handling routine to fail in a secure state


7 thoughts on “Which of the following is the BEST course of action for a security analyst to recommend to the software developer?”

  1. Maybe: A. Rewrite the software to implement fine-grained, conditions-based testing ?
    Wouldn’t that include “Add additional exception handling logic to the main program to prevent doors from being opened” ?

  2. B is the correct answer because the current program keeps the door opened all the time, so it needs another exception to keep the door opened and make it only opened on emergency.

    1. huh? The current program does not keep it open all the time, it only keeps it open if it’s “criticalValue”.

      I am not a programmer by any stretch, but

      {
      If (emergency)
      FAIL OPEN
      else (aka not emergency)
      Doors are closed.
      } exception(e) { //this means that if an exception happens regardless of emergency status the doors will do the below
      Doors are open!
      }

      D is my thinking.

      Sandman, the exception in this isn’t an emergency, it’s an exception. Aka what do we want this to default back to. We want it to default to Fail closed. Let me know if I’m thinking about this wrong anyone, but it seems pretty straightforward if my understanding of the syntax is right.

  3. “the doors should only fail open in an emergency”

    Answer D does not meet this requirement, they will fail closed in an emergency. (The catch statement would change to false)
    Answer C is not a recommendation for a software developer, it’s for management.
    Answer B has the same issue, there is no test for emergency in the fail state, and they would be locked.

    Answer A allows you to have exception handle where you can test criticalValue if in a fail (error) state.

    The answer is A

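The three exception-handler behaviours the comments argue over, as an added Python sketch. This is not the exam's code, which is not reproduced on this page, and every name in it is hypothetical. It tabulates the door state each handler produces for every combination of emergency flag and simulated fault.

```python
# Added illustration; all names are hypothetical, none come from the exam's snippet.
from enum import Enum

class Door(Enum):
    LOCKED = "locked"
    UNLOCKED = "unlocked"

class ControllerFault(Exception):
    """Constructed stand-in for any unexpected error in the lock logic."""

def evaluate(critical_value: bool, fault: bool) -> Door:
    """Normal path: unlock only while an emergency (critical_value) is underway."""
    if fault:
        raise ControllerFault("simulated fault")
    return Door.UNLOCKED if critical_value else Door.LOCKED

# Three candidate exception handlers, each given the emergency flag.
def fail_open(critical_value: bool) -> Door:
    return Door.UNLOCKED  # the behaviour the commenter's pseudocode describes

def fail_secure(critical_value: bool) -> Door:
    return Door.LOCKED  # always lock on error, emergency or not

def conditional(critical_value: bool) -> Door:
    # Assumes the flag is still readable and trustworthy after the fault.
    return Door.UNLOCKED if critical_value else Door.LOCKED

HANDLERS = {"fail_open": fail_open, "fail_secure": fail_secure,
            "conditional": conditional}

def run(handler_name: str, critical_value: bool, fault: bool) -> Door:
    """Run the normal path and fall back to the named handler on a fault."""
    try:
        return evaluate(critical_value, fault)
    except ControllerFault:
        return HANDLERS[handler_name](critical_value)

def outcome_table() -> dict:
    """Door state for every (handler, emergency, fault) combination."""
    return {(name, cv, fault): run(name, cv, fault)
            for name in HANDLERS for cv in (False, True) for fault in (False, True)}

if __name__ == "__main__":
    for key, state in outcome_table().items():
        print(key, "->", state.value)
```

Without a fault all three behave the same; the rows with a fault are where they differ, and those rows are the cases the commenters disagree about.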