Effective CISSP Questions

Which of the following software testing techniques is most commonly conducted by developers or programmers? (Wentz QOTD)
A. Synthetic transactions
B. Fuzzing
C. Continuous integration
D. Unit testing

Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.

My suggested answer is D. Unit testing.

Wentz’s book, The Effective CISSP: Security and Risk Management, helps CISSP and CISM aspirants build a solid conceptual security model. It is a tutorial for information security and a supplement to the official study guides for the CISSP and CISM exams and an informative reference for security professionals.

Sample Unit Test
Sample Unit Test

Unit testing is typically developed by programmers. It’s a white box test. To maximize the value of unit testing, it is accompanied by the test-driven development (TDD) practice proposed by the Agile approach, extreme programming (XP). That is, a programmer writes a unit test first, to drive the development of production code. It creates little value to write unit tests after the production code has been done.

Unit tests are checked into the local code repository and pushed up to the central code repository server. Compiling all the codes on the server and executing all the unit tests if compilation succeeds is part of the integration testing. If the server is configured to start compiling automatically when some conditions are met, it is called continuous integration. Nightly build (e.g., 3 AM every day) or new check-in detected are good examples of continuous integration triggers.

XP Practices
XP Practices (Source:


以下哪種軟件測試技術最常由開發或程式人員進行? (Wentz QOTD)
A. 合成交易
B. 模糊測試
C. 持續集成
D. 單元測試

1 thought on “CISSP PRACTICE QUESTIONS – 20210722

  1. Pingback: 單元測試(Unit testing) – Choson資安大小事

Leave a Reply