D487 - Secure Software Design Knowledge Check and Quiz Exam Questions and Answers.
1. What are the two common best principles of software applications in the
development process? - Correct Answer Quality Code & Secure Code
2. What ensures that the user has the appropriate role and privilege to view data? -
Correct Answer Authorization
3. Which security goal is defined by "guarding against improper information
modification or destruction and ensuring information non-repudiation and
authenticity"? - Correct Answer Integrity
4. Which phase in an SDLC helps to define the problem and scope of any existing
systems and determine the objectives of new systems? - Correct Answer Planning
5. What happens during a dynamic code review? - Correct Answer Programmers
monitor system memory, functional behavior, response times, and overall
performance.
6. How should you store your application user credentials in your application
database? - Correct Answer Store credentials using salted hashes
7. Which software methodology resembles an assembly-line approach? - Correct
Answer Waterfall model
8. Which software methodology approach provides faster time to market and higher
business value? - Correct Answer Agile model
9. In Scrum methodology, who is responsible for making decisions on the
requirements? - Correct Answer Product Owner
10. What is the product risk profile? - Correct Answer A security assessment
deliverable that estimates the actual cost of the product
11. A software security team member has been tasked with creating a deliverable that
provides details on where and to what degree sensitive customer information is
collected, stored, or created within a new product offering.
12. What does the team member need to deliver in order to meet the objective? -
Correct Answer Privacy impact assessment
13. A software security team member has been tasked with creating a threat model for
the login process of a new product. What is the first step the team member should
take? - Correct Answer Identify security objectives
14. What are three parts of the STRIDE methodology? - Correct Answer Spoofing,
Elevation, Tampering
15. What is the reason software security teams host discovery meetings with
stakeholders early in the development life cycle? - Correct Answer To ensure that
security is built into the product from the start
16. Why should a security team provide documented certification requirements during
the software assessment phase? - Correct Answer Depending on the environment
in which the product resides, certifications may be required by corporate or
government entities before the software can be released to customers.
17. What are two items that should be included in the privacy impact assessment plan
regardless of which methodology is used? - Correct Answer Required process
steps & Technologies and techniques
18. What are the goals of each SDL deliverable? - Product Risk Profile - Correct Answer
Estimate the actual cost of the product
19. What are the goals of each SDL deliverable? - SDL project outline - Correct Answer
Map security activities to the development schedule
20. What are the goals of each SDL deliverable? - Threat profile - Correct Answer
Guide security activities to protect the product from vulnerabilities
21. What are the goals of each SDL deliverable? - List of third-party software - Correct
Answer Identify the dependence on unmanaged software