You are doing pair programming with a peer developer. Which of the following is the most challenging issue to discover? (Wentz QOTD)
A. SQL injection
B. Naming convention
C. Logic bomb
D. Deadlock

Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.

My suggested answer is D. Deadlock.

Wentz’s book, The Effective CISSP: Security and Risk Management, helps CISSP and CISM aspirants build a solid conceptual security model. It is a tutorial for information security and a supplement to the official study guides for the CISSP and CISM exams and an informative reference for security professionals.

Pair programming is one of the well-known extreme programming (XP) practices. It’s also a practice of real-time code review; a peer developer monitors and reviews on the fly while the other developer is writing codes.

Naming convention, SQL injection, and logic bomb are easy to discover at the source code level. However, race conditions like deadlock typically occur at runtime (dynamic testing) from time to time and are hard to identify in design time (static testing). Race conditions are concurrency issues that result from multithreaded, parallel programming, or multi-user environment.

Reference

• Code Review Checklist – To Perform Effective Code Reviews
• 4 Types Of Code Reviews Any Developer Should Know
• Five Types of Review

---

您正在與同儕開發人員進行結對編程。 以下哪個是最難發現的問題？ (Wentz QOTD)
A. SQL注入
B. 命名慣例
C. 邏輯炸彈
D. 死結