Topic A01 Fundamentals of Secure Coding

Hide SQL errors from the user only

Require all input to be uppercase

Replace spaces with underscores in input

Use parameterized queries or prepared statements

It's caused by outdated frameworks

Only junior developers worked on it

Security wasn't considered during architecture

The app doesn’t use a dark mode

Ignore until next major project upgrade

Update vulnerable components, test, and deploy

Add more antivirus software to the server

Remove all third-party libraries

Implement rate limiting, lockout policies, and short-lived tokens

Force all users to log in daily

Use the same password for all accounts

Keep current design for convenience

Save logs in a spreadsheet once a week

Only log successful logins

Store logs long-term, enable real-time alerts, and review regularly

Remove logging entirely to save space

A known software bug

A coding style violation

A harmless system alert

A potential event that can exploit a vulnerability

Reduces the need for testing

Ensures no design changes are made

Detects and prevents security issues early

Removes all bugs

To make applications run faster

To reduce the size of application files

To enhance user interface design

To prevent vulnerabilities from being exploited

Deployment

Maintenance

Testing

Architectural design with threat modeling

Increased coding efficiency

Threat, vulnerability and risk

Faster application deployment

Reputation damage