Software Development Life Cycle (SDLC): A structured process that enables the production of software
What are the 8 phases of the Software Development Lifecycle (SDLC)?: plan- ning
requirements design implementation testing deployment maintenance end of life
SDLC Phase 1: planning - a vision and...
D487 - SECURE SOFTWARE DESIGN 2024 VERIFIED
QUESTIONS AND ANSWERS 100% CORRECT
Software Development Life Cycle (SDLC): A structured process that enablesthe
production of software
What are the 8 phases of the Software Development Lifecycle (SDLC)?: plan-ning
requirements design implementation testing deployment maintenance end of life
SDLC Phase 1: planning - a vision and next steps are created
SDLC Phase 2: requirements - necessary software requirements are determined
SDLC Phase 3: design - requirements are prepared for the technical design
SDLC Phase 4: implementation - the resources involved in the application froma known
resource are determined
SDLC Phase 5: testing - software is tested to verify its functions through a known
environment
SDLC Phase 6: deployment - security is pushed out
SDLC Phase 7: maintenance - ongoing security monitoring is implemented
SDLC Phase 8: end of life - the proper steps for removing software completelyare
considered
Security Development Life Cycle (SDL): A process that standardizes securitybest
practices
Secure Code: A principle design in coding that refers to code security bestpractices,
safeguards, and protection against vulnerabilities
Threat Modeling: A structured process to protect against vulnerabilities
process to pinpoint security threats and potential vulnerabilities that will help priori-tize
remediation
Application Security: developing, adding, and testing security features to pre-vent
vulnerabilities within applications
Building Security in Maturing Model (BSIMM): a study of real-world softwaresecurity
that allows you to develop your software security over time
OWASP Software Assurance Maturity Model (SAMM): flexible framework forbuilding
, D487 - SECURE SOFTWARE DESIGN 2024 VERIFIED
QUESTIONS AND ANSWERS 100% CORRECT
security into a software development organization
Open Web Application Security Project (OWASP): A flexible and prospectiveframewor
to build security into your software development organization for web applications
Static Analysis: the analysis of computer software that is performed withoutexecuting
programs
Dynamic Analysis: the analysis of computer software that is performed whenexecuting
programs on a real or virtual processor in real time
Fuzz Testing: automated or semi-automated testing that provides invalid, unex-pected, or
random data to the computer software program
National Institute of Standards and Technology (NIST): provides research,
information, and tools for government and corporate information security
Measurement Model: A set of data security methods that developers take toprotect
against vulnerabilities
Metric Model: Allows an organization to determine the effectiveness of itssecurity controls
Waterfall Development: software development methodology that breaks down
development activities into linear sequential phases; each phase depends on the
deliverables of the previous one and corresponds to a specialization of tasks
Waterfall Phases (typical): plan -> build -> test -> review -> deploy
Iterative Waterfall Development: each phase of a project is broken down intoits own
waterfall phases
Agile Development: software development methodology that delivers function-ality in
rapid iterations called timeboxes, requiring limited planning but frequent communication.
Mizes traditional and new software development practices.
Scrum: framework for Agile that prescribes for teams to break work into goalsto be
completed within sprints
flexible, holistic product development strategy where a development team works asa unit to
Voordelen van het kopen van samenvattingen bij Stuvia op een rij:
√ Verzekerd van kwaliteit door reviews
Stuvia-klanten hebben meer dan 700.000 samenvattingen beoordeeld. Zo weet je zeker dat je de beste documenten koopt!
Snel en makkelijk kopen
Je betaalt supersnel en eenmalig met iDeal, Bancontact of creditcard voor de samenvatting. Zonder lidmaatschap.
Focus op de essentie
Samenvattingen worden geschreven voor en door anderen. Daarom zijn de samenvattingen altijd betrouwbaar en actueel. Zo kom je snel tot de kern!
Veelgestelde vragen
Wat krijg ik als ik dit document koop?
Je krijgt een PDF, die direct beschikbaar is na je aankoop. Het gekochte document is altijd, overal en oneindig toegankelijk via je profiel.
Tevredenheidsgarantie: hoe werkt dat?
Onze tevredenheidsgarantie zorgt ervoor dat je altijd een studiedocument vindt dat goed bij je past. Je vult een formulier in en onze klantenservice regelt de rest.
Van wie koop ik deze samenvatting?
Stuvia is een marktplaats, je koop dit document dus niet van ons, maar van verkoper ACELEARNERS. Stuvia faciliteert de betaling aan de verkoper.
Zit ik meteen vast aan een abonnement?
Nee, je koopt alleen deze samenvatting voor €17,28. Je zit daarna nergens aan vast.
