A third party was engaged to develop a business application. Which of the following would an information security manager BEST test for the existence of back doors?

Last Updated on December 25, 2021 by Admin 2

  • System monitoring for traffic on network ports
  • Security code reviews for the entire application
  • Reverse engineering the application binaries
  • Running the application from a high-privileged account on a test system
Explanation:

Security code reviews for the entire application are the best measure and will involve reviewing the entire source code to detect all instances of back doors. System monitoring for traffic on network ports would not be able to detect all instances of back doors, is time-consuming, and would take a lot of effort. Reverse engineering the application binaries may not provide any definite clues. Back doors will not surface by running the application from a high-privileged account, since back doors are usually hidden accounts in the application.
