- What are the common/shared risks and what are the different/unique risks faced by desktop applications versus web-based applications?
- What are secure coding practices and what risks are they intended to mitigate?
- How would you determine if an applications development project team was using secure coding practices?