Secure Programming Short Essay Questions-Trine University .

You can use the book(Security for Software Engineers By James Helfrich. CRC Press. ISBN: 978-1-138-58382-5) or other sources to complete the questions, however, make sure that you use your own words for all responses. If you choose to use any quotations from another source, provide a reference and link to that source. 1- Why is secure programming necessary in application development?2- What is input cleansing, and why is it so critical in secure programming? 3- What is a misuse case and how should it be used during application development? 4- What does it mean to have a security mentality? 5- Name and describe two security principles that programmers should follow: Principle of least privilege, Principle of fail-safe default. 6- Explain the difference between static and dynamic application testing? 7- During the systems development life cycle, when should security be addressed for an application? 8- Consider this photograph as a metaphor for application security. What can you learn from the photograph in terms of applying secure programming techniques? ( See the attached for the photograph 9- Describe for each (1) how the attack functions, and (2) how secure programming techniques can be used to protect against the attack: Cross-site scripting (XSS), SQL code injection