CISSP PRACTICE QUESTIONS – 20210330

Effective CISSP Questions

A software developer checked in new code and pushed it into the remote code repository. Which of the following activities is most likely to happen immediately after the push? (Wentz QOTD)
A. Unit testing
B. Integration testing
C. Regression testing
D. Management acceptance of residual risk

Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.

My suggested answer is B. Integration testing.

Code Repository: git

Unit Testing

Unit testing is both a test and development instrument. Modern software developers usually develop a unit test before the feature code is done, aka test-driven development (TDD) approach. In other words, every software feature comes with a set of unit tests to ensure it functions properly.

Sample Unit Test

Integration Testing

Nowadays, software developers are writing code on their desktops or laptops where a local code repository resides. They “commit” or “check in” codes into the local code repository first. If local codes are built and tested without problems, they are pushed to the remote central code repository for integration. Continuous integration (CI) means the remote server starts the server build automatically once the CI criteria are met, e.g., whenever new codes are checked in or it starts building periodically (e.g., nightly build). If the server build succeeds, it starts (integration) testing automatically. Unit tests and UI tests can be done without user intervention, e.g., using Selenium to support the automated end-to-end (e2e) web UI tests.

Regression Testing

If the server build fails, the central server for the remote code repository will notify developers of errors. Developers making bugs or breaking the build have to fix them and repeat the process until no error occurs. It’s a process of regression testing.

Reference

A BLUEPRINT FOR YOUR SUCCESS IN CISSP

My new book, The Effective CISSP: Security and Risk Management, helps CISSP aspirants build a solid conceptual security model. It is not only a tutorial for information security but also a study guide for the CISSP exam and an informative reference for security professionals.

一位軟件開發人員簽入了新代碼,並將其推送到遠端的代碼存儲庫中。 在推入(push)代碼之後,以下哪個活動最可能先發生? (Wentz QOTD)
A. 單元測試(Unit testing)
B. 整合測試(Integration testing)
C. 廻歸測試(Regression testing)
D. 管理階層接受殘餘風險(residual risk)

Leave a Reply