D487 Secure Software Design Questions and Complete Solutions.
4 views 0 purchase
Course
D487 Secure Software
Institution
D487 Secure Software
D487SecureSoftwareDesignQuestionsandComplete
Solutions.
What are the two common best principles of software applications in the development
process? Choose 2 answers.
Quality code
Secure code
Information security
Integrity
Availability - Correct Answer Quality code
Secure code
"Quality co...
D487 Secure Software Design Questions and Complete
Solutions.
What are the two common best principles of software applications in the development
process? Choose 2 answers.
Quality code
Secure code
Information security
Integrity
Availability - Correct Answer Quality code
Secure code
"Quality code" is correct. Quality code is efficient code that is easy to maintain and
reusable.
"Secure code" is correct. Secure code authorizes and authenticates every user
transaction, logs the transaction, and denies all unauthorized requisitions.
What ensures that the user has the appropriate role and privilege to view data?
Authentication
Multi-factor authentication
Encryption
Information security
Authorization - Correct Answer Authorization
Authorization ensures a user's information and credentials are approved by the system.
Which security goal is defined by "guarding against improper information modification or
destruction and ensuring information non-repudiation and authenticity"?
Integrity
Quality
Availability
Reliability - Correct Answer Integrity
,The data must remain unchanged by unauthorized users and remain reliable from the data
entry point to the database and back.
Which phase in an SDLC helps to define the problem and scope of any existing systems
and determine the objectives of new systems?
Requirements
Design
Planning
Testing - Correct Answer Planning
The planning stage sets the project schedule and looks at the big picture.
What happens during a dynamic code review?
Programmers monitor system memory, functional behavior, response times, and overall
performance.
Customers perform tests to check software meets requirements.
An analysis of computer programs without executing them is performed.
Input fields are supplied with unexpected input and tested. - Correct Answer Programmers
monitor system memory, functional behavior, response times, and overall performance.
How should you store your application user credentials in your application database?
Use application logic to encrypt credentials
Store credentials as clear text
Store credentials using Base 64 encoded
Store credentials using salted hashes - Correct Answer Store credentials using salted
hashes
Hashing is a one-way process that converts a password to ciphertext using hash
algorithms. Password salting adds random characters before or after a password prior to
hashing to obfuscate the actual password.
Which software methodology resembles an assembly-line approach?
V-model
Agile model
Iterative model
, Waterfall model - Correct Answer Waterfall model
Waterfall model is a continuous software development model in which the development
steps flow steadily downwards.
Which software methodology approach provides faster time to market and higher business
value?
Iterative model
Waterfall model
V-model
Agile model - Correct Answer Agile model
In the agile model, projects are divided into small incremental builds that provide working
software at the end of each iteration and adds value to business.
In Scrum methodology, who is responsible for making decisions on the requirements?
Scrum Team
Product Owner
ScrumMaster
Technical Lead - Correct Answer Product Owner
The Product Owner is responsible for requirements/backlog items and prioritizing them.
What is the reason software security teams host discovery meetings with stakeholders
early in the development life cycle?
To determine how much budget is available for new security tools
To meet the development team
To refactor functional requirements to ensure security is included
To ensure that security is built into the product from the start - Correct Answer To ensure
that security is built into the product from the start
To correctly and cost-effectively introduce security into the software development life
cycle, it needs to be done early.
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller Lectjosh. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $25.49. You're not tied to anything after your purchase.
