CISSP - Software Development Security Mock Questions

In software acceptance testing, what is the purpose of the operational acceptance testing?

Options are :

  • To ensure the software performs as expected in our live environment vs. our development environment.
  • To ensure the software is as secure or more secure than the rules, laws and regulations of our industry.
  • To ensure the backups are in place, we have a DR plan: how patching is handled, and that the software is tested for vulnerabilities. (Correct)
  • To ensure the software is functional for and tested by the end user and the application manager.

Answer : To ensure the backups are in place, we have a DR plan: how patching is handled, and that the software is tested for vulnerabilities.

Explanation Operational acceptance testing: Does the software and all of the components it interacts with ready requirements for operation? Tested by system administrators; are the backups in place? Do we have a DR plan? How do we handle patching? Is it checked for vulnerabilities? Etc.

CISSP Security Engineering Certification Practice Exam Set 7

In Scrum project management, what is the Scrum master's role?

Options are :

  • Being a traditional project manager.
  • Representing the stakeholders/customers.
  • Developing the code/product at the end of each sprint.
  • Removing obstacles for the development team. (Correct)

Answer : Removing obstacles for the development team.

Explanation Scrum master: Facilitates and accountable for removing impediments to the ability of the team to deliver the product goals and deliverables. Not a traditional team lead or project manager but acts as a buffer between the team and any distracting influences. The scrum master ensures that the Scrum framework is followed.

Which of these is NOT a type of open-source software licensing?

Options are :

  • Oracle. (Correct)
  • Apache.
  • BSD.
  • GNU.

Answer : Oracle.

Explanation Open source software can be protected by a variety of licensing agreement. GNU (General Public License), BSD (Berkeley Software Distribution) and Apache are all examples of this.

In referential data bases, we are talking about entity integrity. What does that mean?

Options are :

  • When the database has errors
  • Each tuple has a unique primary value that is not null. (Correct)
  • When every foreign key in a secondary table matches the primary key in the parent table.
  • Each attribute value is consistent with the attribute data type.

Answer : Each tuple has a unique primary value that is not null.

Explanation Entity integrity: Each tuple (row) has a unique primary value that is not null.

CISSP Security Engineering Certification Practice Exam Set 4

What do we release when we want users to test our software, but we are disabling key features of the software?

Options are :

  • Bloatware.
  • Cripple ware. (Correct)
  • Freeware.
  • Shareware.

Answer : Cripple ware.

Explanation Cripple ware: Partially functioning proprietary software, often with key features disabled. The user is required to make a payment to unlock the full functionality.

We are wanting to use the most commonly used database management system (DBMS) in our organization. What should we implement?

Options are :

  • IBM DB2
  • ModoDB.
  • Oracle.
  • SQL. (Correct)

Answer : SQL.

Explanation DBMS (database management system): The most common is SQL or a SQL derivative. A computer software application that interacts with the user, other applications, and the database itself to capture and analyze data. A general-purpose DBMS is designed to allow the definition, creation, querying, update, and administration of databases. MySQL, PostgreSQL, MongoDB, MariaDB, Microsoft SQL Server, Oracle, Sybase, SAP HANA, SQLite and IBM DB2.

What would we do to mitigate injection attacks (OWASP A1)?

Options are :

  • Input length limitations. (Correct)
  • Remove default passwords and usernames.
  • Captcha.
  • Random session IDs.

Answer : Input length limitations.

Explanation A1 Injection: Can be any code injected into user forms; often seen is SQL/LDAP. Attackers can do this because our software does not use the following: strong enough input validation and data type limitations on input fields; input length limitations. The fix is to do just that; we only allow users to input appropriate data into the fields, only letters in names, numbers in phone number, have dropdowns for country and state (if applicable), we limit how many characters people can use per cell, etc.

CISSP - Mock Questions with all domains

In which of these project management methodologies do we use a linear approach, where 2 phases are overlapping, and when we close one phase we start the next?

Options are :

  • Sashimi. (Correct)
  • Spiral.
  • Agile.
  • Waterfall

Answer : Sashimi.

Explanation Sashimi model (Waterfall with overlapping phases): Similar to waterfall, but we always have 2 overlapping phases, if we close one phase, we add the next phase. The modified waterfall model allows us to go back to the previous phase but no further.

Which programming language often saves data as an executable file? The file is saved once and executed many times.

Options are :

  • Compiled languages. (Correct)
  • Interpreted languages.
  • Assembled language.
  • Source code.

Answer : Compiled languages.

Explanation Compiled Languages: Translates the higher level language into machine code and saves, often as executables. Compiled once and run multiple times.

Which project management methodology uses a linear approach where each phase leads into the next and you can't go back to a previous phase?

Options are :

  • Waterfall. (Correct)
  • Spiral.
  • Agile.
  • Sashimi.

Answer : Waterfall.

Explanation Waterfall: Very linear, each phase leads directly into the next. The unmodified waterfall model does not allow us to go back to the previous phase.

CISSP Security Engineering Certification Practical Exam Set 10

What would we do to mitigate unvalidated redirects and forwarding (OWASP 2013 A10)?

Options are :

  • Encrypt all data at rest or in transit.
  • Ensuring we use code and objects that are not deprecated.
  • User training and awareness. (Correct)
  • Random session IDs.

Answer : User training and awareness.

Explanation 2013 A10 Unvalidated Redirects and forwarding. Not confirming URL's forward and redirect us to the right page. Mitigated with user awareness and spider our site to see if it generates any redirects (HTTP response codes 300-307, typically 302.

What would we do to mitigate insufficient detection and response (OWASP A7)?

Options are :

  • Not patching servers.
  • Random session IDs.
  • Do a lessons learned after an incident and implement countermeasures. (Correct)
  • Centralized implementation.

Answer : Do a lessons learned after an incident and implement countermeasures.

Explanation A7 Insufficient Detection and Response (NEW). Not detecting we have been compromised, due to lack of controls, detection applications. Not performing our due diligence and due care on our applications, systems, and our response to compromise. Not responding in a proper way to compromise, not informing anyone, informing too late or just ignoring the incident (at best plugging the leak). We need to not just protect against this attack, but future similar attacks, patch software and applications, close ports.

In a relational database, what is the parent table's primary key seen as in the child table?

Options are :

  • Primary key.
  • Foreign key. (Correct)
  • Reference key.
  • Secondary key.

Answer : Foreign key.

Explanation Foreign key: They are in relational databases the matching primary key of a parent database table. It is always the primary key in the local DB. Seen from the child table the child key is the primary key and the foreign key is the primary key of the parent table.

CISSP - Security Assessment and Testing Mock

When we look at software development, security should ALWAYS be what?

Options are :

  • Added when we are compromised.
  • Designed into the software. (Correct)
  • Added only in important areas.
  • Added on later.

Answer : Designed into the software.

Explanation Security should be designed into the software and be part of the initial requirements, just as functionality is. The more breaches and compromises there are, the more we see the move towards security being part of the scope of the software design project. We use software at our jobs, in our personal lives, our homes, cars, power, water, etc. It is everywhere and it has been and still is common to write functional code. Security is an afterthought or not considered at all.

Which of these is NOT an example of broken authentication or session management (OWASP A2)?

Options are :

  • Session IDs are kept in plaintext.
  • Session IDs are predictable.
  • Session IDs are pseudo random. (Correct)
  • Session never expires.

Answer : Session IDs are pseudo random.

Explanation A2 Broken Authentication and Session Management. Sessions do not expire or take too long to expire. Session IDs are predictable. 001, 002, 003, 004, etc. Tokens, session IDs, Passwords, etc., are kept in plaintext. Pseudo random session IDs would be a broken authentication counter measure.

When we buy software from a vendor, what should we ALWAYS do?

Options are :

  • Perform a full security assessment to determine if they meet our security posture. (Correct)
  • Trust the vendors security claims.
  • Assume it is secure enough for our organization since others use it already.
  • Look at reviews, and if they are good we can go ahead and buy it.

Answer : Perform a full security assessment to determine if they meet our security posture.

Explanation Buying software from other companies: When we buy software from vendors either COTS (Commercial Off The Shelf) or custom built software we need to ensure it is as secure as we need it to be. Vendors claims of security posture should until proven be seen as marketing claims. We need to do our due care and due diligence, as well as use outside council if needed.

CISSP-ISSAP Information Systems Security Architecture Exam Set 3

Which project management methodology, welcomes changing requirements, frequent deliveries, and uses face-to-face meetings?

Options are :

  • Spiral.
  • Sashimi.
  • Waterfall
  • Agile. (Correct)

Answer : Agile.

Explanation Agile software development: Describes a set of values and principles for software development under which requirements and solutions evolve through the collaborative effort of self-organizing cross-functional teams. Uses adaptive planning, evolutionary development, early delivery, and continuous improvement, and it encourages rapid and flexible response to change.

What is happening when we experience buffer overflows?

Options are :

  • User session IDs or tokens are stolen.
  • The buffer overruns its boundaries and overwrites adjacent memory locations. (Correct)
  • We are not using SSL/TLS.
  • The buffer overruns its boundaries and overwrites adjacent hard disk locations.

Answer : The buffer overruns its boundaries and overwrites adjacent memory locations.

Explanation Buffer overflow (buffer overrun): An anomaly where a program, while writing data to a buffer, overruns the buffer's boundary and overwrites adjacent memory locations, happen from improper coding when a programmer fails to perform bounds checking. Buffers are areas of memory set aside to hold data, often while moving it from one section of a program to another, or between programs. Buffer overflows can often be triggered by malformed inputs, if one assumes all inputs will be smaller than a certain size and the buffer is created to be that size, if an anomalous transaction produces more data it could cause it to write past the end of the buffer. If this overwrites adjacent data or executable code, this may result in erratic program behavior, including memory access errors, incorrect results, and crashes. By sending in data designed to cause a buffer overflow, it is possible to write into areas known to hold executable code, and replace it with malicious code.

Why would an organization offer to use a source code escrow to their customers?

Options are :

  • To make our source code publicly available.
  • So the customer has access to the source code if we go bankrupt. (Correct)
  • To ensure the code is tested completely.
  • Because we want them to see the source code whenever they want to.

Answer : So the customer has access to the source code if we go bankrupt.

Explanation Source code escrow: The deposit of the source code of software with a third party escrow agent. Escrow is typically requested by a party licensing software (the licensee), to ensure maintenance of the software instead of abandonment or orphaning. The software source code is released to the licensee if the licensor files for bankruptcy or otherwise fails to maintain and update the software as promised in the software license agreement.

CISSP - Security Operations Mock Questions

Bob is doing cleanups on one of our databases. He has found entries that do not match the data type. Which kind of integrity error is this?

Options are :

  • Referential.
  • Semantic. (Correct)
  • Entity.
  • Foreign.

Answer : Semantic.

Explanation Semantic integrity: Each attribute value is consistent with the attribute data type.

Which type of these software types can be copyright protected?

Options are :

  • Open source.
  • Proprietary software. (Correct)
  • Closed source.
  • Prevented software.

Answer : Proprietary software.

Explanation Proprietary software: Software protected by intellectual property and/or patents, often used interchangeably with Closed Source software, but it really is not. It can be both Open and Closed Source software. Any software not released into the public domain is protected by copyright.

Jane is using relational databases. Which of these would be a TRUE statement if she is talking about tuple values?

Options are :

  • Represents one entity. (Correct)
  • Represent values attributed to that instance.
  • Are unique.
  • Lists the person's SSN.

Answer : Represents one entity.

Explanation Relational model: Organizes data into one or more tables (or relations) of columns and rows, with a unique key identifying each row. Rows are also called records or tuples. Each table/relation represents one entity type.

CISSP Security Engineering Certification Practice Exam Set 9

We are implementing e-vaulting. How does it help us recover from a data loss on our primary systems?

Options are :

  • It makes an exact real time copy at another location, this can be another local disk or preferred remote to another type of media.
  • It uses a remote backups service that sends backups files electronically offsite at a certain interval or when the files change. (Correct)
  • It takes a full backup of our database once a week to tape.
  • It sends transaction logs to a remote location, but not the files themselves. We can rebuild the transactions from he logs.

Answer : It uses a remote backups service that sends backups files electronically offsite at a certain interval or when the files change.

Explanation Electronic vaulting (e-vaulting): Using a remote backup service, backups are sent off-site electronically at a certain interval or when files change.

In which database normalization form would we divide the data into tables?

Options are :

  • 3rd normal form.
  • 2nd normal form.
  • 1st normal form. (Correct)
  • 4th normal form.

Answer : 1st normal form.

Explanation Database normalization: Used to clean up the data in a database table to make it logically concise, organized, and consistent. Removes redundant data, and improves the integrity and availability of the database. Normalization has three forms (rules): First Normal Form: Divides the base data into tables, primary key is assigned to most or all tables. Second Normal Form: Move data that is partially dependent on the primary key to another table. Third normal Form: Remove data that is not dependent on the primary key.

Bob is looking at GUI builders for an upcoming project. Which type of methodology is Bob MOST LIKELY going to use?

Options are :

  • RAD. (Correct)
  • Agile.
  • Prototyping.
  • Spiral.

Answer : RAD.

Explanation RAD (Rapid Application Development): Puts an emphasize adaptability and the necessity of adjusting requirements in response to knowledge gained as the project progresses. Prototypes are often used in addition to or sometimes even in place of design specifications. Very suited for developing software that is driven by user interface requirements. GUI builders are often called rapid application development tools.

CISSP - Identity and Access Management (IAM)

When we click the "I agree" button on a software license, what is it we are agreeing to?

Options are :

  • EULA. (Correct)
  • GNU.
  • EMLA.
  • BSD.

Answer : EULA.

Explanation EULAs (End-User License Agreements): Electronic form where the user clicks “I agree? to the software terms and conditions while installing the software.

What is the difference between freeware and shareware?

Options are :

  • Freeware is free with no time restrictions, shareware is free for a limited amount of time. (Correct)
  • Freeware is free for a limited amount of time, shareware is free with no time restrictions.
  • They are the same thing, there is no difference.
  • Freeware is free forever, shareware you buy it, but you are allowed to share it.

Answer : Freeware is free with no time restrictions, shareware is free for a limited amount of time.

Explanation Freeware: Actually free software, it is free of charge to use. Shareware: Fully functional proprietary software that is initially free to use. Often for trials to test the software, after 30 days you have to pay to continue to use.

Which type of programming languages are written in text and is understandable by humans?

Options are :

  • Assembler language.
  • Compiler language.
  • Source code. (Correct)
  • Machine code.

Answer : Source code.

Explanation Source Code: Computer programming language, written in text and is human understandable, translated into machine code.

CISSP Security and Risk Management Certified Practice Exam Set 4

As part of the annual board retreat, senior management is wanting to put a face on the IT organization and thinks Jane is a great candidate for it. They have asked her to talk briefly about native XML vulnerabilities. Which type of database does XML use?

Options are :

  • Hierarchical.
  • Relational.
  • Document-oriented. (Correct)
  • Object-oriented.

Answer : Document-oriented.

Explanation A document-oriented database, or document store, is a computer program designed for storing, retrieving and managing document-oriented information. XML databases are a subclass of document-oriented databases that are optimized to work with XML documents.

Which type of software development uses programming pairs?

Options are :

  • XP. (Correct)
  • Waterfall.
  • Scrum.
  • Agile.

Answer : XP.

Explanation XP (Extreme programming) uses programming in pairs or doing extensive code review. Intended to improve software quality and responsiveness to changing customer requirements. Uses advocates frequent releases in short development cycles, intended to improve productivity and introduce checkpoints at which new customer requirements can be adopted.

In database query languages, which would use these statements: CREATE, ALTER, and DROP

Options are :

  • DML.
  • DRP.
  • DDL. (Correct)
  • BGP.

Answer : DDL.

Explanation Data Definition Language (DDL): A standard for commands that define the different structures in a database. Creates, modifies, and removes database objects such as tables, indexes, and users. Common DDL statements are CREATE, ALTER, and DROP.

CISSP Security Engineering Certification Practice Exam Set 6

In Scrum project management, what is the development team’s role?

Options are :

  • Removing obstacles for the development team.
  • Developing the code/product at the end of each sprint. (Correct)
  • Being a traditional project manager.
  • Representing the stakeholders/customers.

Answer : Developing the code/product at the end of each sprint.

Explanation Development team: Responsible for delivering the product at the end of each sprint (sprint goal). The team is made up of 3–9 individuals who do the actual work (analysis, design, develop, test, technical communication, document, etc.).

We are finishing our software development and we are doing the software acceptance testing. What is the purpose of user acceptance testing?

Options are :

  • To ensure the software is functional for and tested by the end user and the application manager. (Correct)
  • To ensure the software perform as expected in our live environment vs. our development environment.
  • To ensure the backups are in place, we have a DR plan, how patching is handled and that the software is tested for vulnerabilities.
  • To ensure the software is as secure or more secure than the rules, laws and regulations of our industry.

Answer : To ensure the software is functional for and tested by the end user and the application manager.

Explanation The User Acceptance test: Is the software functional for the users who will be using it, it is tested by the users and application managers.

Object-oriented programming tends to lean towards which programming process?

Options are :

  • Cripple ware.
  • Sashimi.
  • Bottom-up. (Correct)
  • Top-down.

Answer : Bottom-up.

Explanation Bottom-up Programming: Piecing together of systems to build more complex systems, making the original systems a sub-system of the overarching system. OOP leans tends toward Bottom-Up, you start by developing your objects and build up.

CISSP Security Engineering Certification Practical Exam Set 2

Which software project management methodology is based on responding to change rather than following a plan?

Options are :

  • Spiral.
  • Sashimi.
  • Agile. (Correct)
  • Waterfall

Answer : Agile.

Explanation Agile software development: Describes a set of values and principles for software development under which requirements and solutions evolve through the collaborative effort of self-organizing cross-functional teams. Uses adaptive planning, evolutionary development, early delivery, and continuous improvement, and it encourages rapid and flexible response to change.

Which Agile software development methodology makes use of a master?

Options are :

  • Scrum. (Correct)
  • XP.
  • Sashimi.
  • Spiral.

Answer : Scrum.

Explanation Scrum master: Facilitates and accountable for removing impediments to the ability of the team to deliver the product goals and deliverables. Not a traditional team lead or project manager but acts as a buffer between the team and any distracting influences. The scrum master ensures that the Scrum framework is followed.

We are implementing database shadowing. How does it help us ensure we can recover from a data loss on our primary systems?

Options are :

  • It uses a remote backups service that sends backup files electronically offsite at a certain interval or when the files change.
  • It makes an exact real time copy at another location, this can be another local disk or preferred remote to another type of media. (Correct)
  • It takes a full backup of our database once a week to tape.
  • It sends transaction logs to a remote location, but not the files themselves. We can rebuild the transactions from the logs.

Answer : It makes an exact real time copy at another location, this can be another local disk or preferred remote to another type of media.

Explanation Database shadowing: Exact real time copy of the database or files to another location. It can be another disk in the same server, but best practices dictates another geographical location, often on a different media.

CISSP - Security and Risk Management Pratice Questions

Which type of query languages would use SELECT, DELETE, INSERT, and DROP?

Options are :

  • DML. (Correct)
  • DRP.
  • DDR.
  • DDL.

Answer : DML.

Explanation Data Manipulation Language (DML). Used for selecting, inserting, deleting and updating data in a database. Common DML statements are SELECT, DELETE, INSERT, UPDATE.

In CASE programming, designers use these categories of tools, EXCEPT which?

Options are :

  • References. (Correct)
  • Tools.
  • Environments.
  • Workbenches.

Answer : References.

Explanation CASE (Computer-Aided Software Engineering): Similar to and were partly inspired by computer-aided design (CAD) tools used for designing hardware products. Used for developing high-quality, defect-free, and maintainable software. Often associated with methods for the development of information systems together with automated tools that can be used in the software development process. CASE software is classified into 3 categories: Tools support specific tasks in the software life-cycle. Workbenches combine two or more tools focused on a specific part of the software life-cycle. Environments combine two or more tools or workbenches and support the complete software life-cycle.

An artificial neural network (ANN) tries to emulate a brain. Which of these is NOT TRUE about ANNs?

Options are :

  • They can analyze images where they know a fact about, this could be "gecko" or "no gecko", the more images they process the better they become at recognizing the fact.
  • They use rule based programming and a lot of IF/THEN statements. (Correct)
  • They are organized in layers, different layers perform different transformations on their input.
  • They are mostly used in areas that are difficult to express in a traditional computer algorithm using rule based programming.

Answer : They use rule based programming and a lot of IF/THEN statements.

Explanation ANNs do not use IF/THEN statements.

CISSP-ISSAP Information Systems Security Architecture Exam Set 6

In Agile XP software development, we would normally do all of these, EXCEPT what?

Options are :

  • Programming pairs.
  • Expect changing requirements.
  • Unit testing of all code.
  • Use daily stand-up meetings. (Correct)

Answer : Use daily stand-up meetings.

Explanation XP (Extreme programming): Intended to improve software quality and responsiveness to changing customer requirements. Uses advocates frequent releases in short development cycles, intended to improve productivity and introduce checkpoints at which new customer requirements can be adopted. XP uses: Programming in pairs or doing extensive code review. Unit testing of all code. Avoiding programming of features until they are actually needed. Flat management structure. Code simplicity and clarity. Expecting changes in the customer's requirements as time passes and the problem is better understood. Frequent communication with the customer and among programmers.

When our organization is buying custom developed third party software, which of these should NOT be a concern?

Options are :

  • What other companies who have implemented the exact same software says about it. (Correct)
  • Who owns the code.
  • How good are they at what they do.
  • Who will support it when development is completed.

Answer : What other companies who have implemented the exact same software says about it.

Explanation We should address support, who owns the code and how good the software development company is, we can't really see what other companies say about the software it is being custom developed for us.

In object-oriented analysis and design (OOAD), which would be used heavily by both the object-oriented analysis and design?

Options are :

  • OOD.
  • OOR.
  • OOM. (Correct)
  • OOA.

Answer : OOM.

Explanation OOM (Object-oriented modeling): Common approach to modeling applications, systems, and business domains by using the object-oriented paradigm throughout the entire development life cycles. Heavily used by both OOA and OOD activities in modern software engineering.

CISSP Security Engineering Certification Practice Exam Set 2

Jane is leading a software development team. She is using the spiral model for this project, which of these is NOT one of the phases?

Options are :

  • Planning.
  • Engineering.
  • Risk analysis
  • Initiation. (Correct)

Answer : Initiation.

Explanation The spiral model: A risk-driven process model generator for software projects. The spiral model has four phases: Planning, Risk Analysis, Engineering and Evaluation. A software project repeatedly passes through these phases in iterations (called Spirals in this model). The baseline spiral, starting in the planning phase, requirements are gathered and risk is assessed. Each subsequent spirals builds on the baseline spiral.

Looking at different database query languages, which of them would use these statements? SELECT, DELETE, INSERT, and UPDATE.

Options are :

  • DRP.
  • BGP.
  • DDL.
  • DML. (Correct)

Answer : DML.

Explanation Data Manipulation Language (DML): Used for selecting, inserting, deleting and updating data in a database. Common DML statements are SELECT, DELETE, INSERT, UPDATE.

In the software capability maturity model, at which level are some processes "possibly repeatable with consistent results"?

Options are :

  • Level 3.
  • Level 2. (Correct)
  • Level 1.
  • Level 4.

Answer : Level 2.

Explanation Level 2: Repeatable This level of maturity that some processes are repeatable, possibly with consistent results. Process discipline is unlikely to be rigorous, but where it exists it may help to ensure that existing processes are maintained during times of stress.

CISSP Security Engineering Certification Practice Exam Set 8

We are implementing remote journaling. How does it help us ensure we can recover from a data loss on our primary systems?

Options are :

  • It makes an exact real time copy at another location, this can be another local disk or preferred remote to another type of media.
  • It uses a remote backups service that sends backups files electronically offsite at a certain interval or when the files change.
  • It sends transaction logs to a remote location, but not the files themselves. We can rebuild the transactions from the logs. (Correct)
  • It takes a full backup of our database once a week to tape.

Answer : It sends transaction logs to a remote location, but not the files themselves. We can rebuild the transactions from the logs.

Explanation Remote journaling: Sends transaction log files to a remote location, not the files themselves. The transactions can be rebuilt from the logs if we lose the original files.

You are discussing 4th generation programming languages with a colleague. Which of these are 4th generation languages? (Select all that apply).

Options are :

  • PHP. (Correct)
  • Java
  • Perl. (Correct)
  • Cobol.
  • SQL. (Correct)

Answer : PHP. Perl. SQL.

Explanation 4th Generation languages (4GL): Fourth-generation languages are designed to reduce programming effort and the time it takes to develop software, resulting in a reduction in the cost of software development. Increases the efficiency by automating the creation of machine code. Often uses a GUI, drag and drop, and then generating the code, often used for websites, databases and reports. 4th Generation languages include ColdFusion, Progress 4GL, SQL, PHP, Perl, etc. Java and Cobol are 3rd generation languages.

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions