Secure Software Design and Development MCQs with Answers

Semester Exam Secure Software Design and Development InternationalMedium

For a semester exam, which option is correct about attack surface reduction?

A. minimizing exposed entry points, services and interfaces attackers can abuse B. opening all ports C. removing all logging D. publishing private keys

Correct Answer: A. minimizing exposed entry points, services and interfaces attackers can abuse

Semester Exam Secure Software Design and Development InternationalMedium

In secure software design and development, what is meant by separation of duties?

A. giving all duties to one user B. removing approvals C. sharing one account among staff D. dividing responsibilities so no single actor can complete a sensitive process alone

Correct Answer: D. dividing responsibilities so no single actor can complete a sensitive process alone

Semester Exam Secure Software Design and Development InternationalEasy

For a semester exam, which option is correct about secure software requirements?

A. only page layout preferences B. only code indentation style C. security needs and constraints that the software must satisfy D. random developer wishes

Correct Answer: C. security needs and constraints that the software must satisfy

Semester Exam Secure Software Design and Development InternationalEasy

In secure software design and development, what is meant by least privilege?

A. disabling all access control B. giving users and processes only the permissions needed to perform their tasks C. granting administrator rights to everyone D. sharing root passwords

Correct Answer: B. giving users and processes only the permissions needed to perform their tasks

Semester Exam Secure Software Design and Development InternationalMedium

Which statement best describes the purpose of separation of duties?

A. removing approvals B. sharing one account among staff C. dividing responsibilities so no single actor can complete a sensitive process alone D. giving all duties to one user

Correct Answer: C. dividing responsibilities so no single actor can complete a sensitive process alone

Semester Exam Secure Software Design and Development InternationalEasy

In secure software design and development, what is meant by sources of security requirements?

A. only screen size B. only coffee breaks C. laws, standards, threat models, business needs and stakeholder expectations D. only developer mood

Correct Answer: C. laws, standards, threat models, business needs and stakeholder expectations

Semester Exam Secure Software Design and Development InternationalEasy

Which statement best describes the purpose of least privilege?

A. giving users and processes only the permissions needed to perform their tasks B. granting administrator rights to everyone C. disabling all access control D. sharing root passwords

Correct Answer: A. giving users and processes only the permissions needed to perform their tasks

Semester Exam Secure Software Design and Development InternationalMedium

For a semester exam, which option is correct about separation of duties?

A. removing approvals B. giving all duties to one user C. sharing one account among staff D. dividing responsibilities so no single actor can complete a sensitive process alone

Correct Answer: D. dividing responsibilities so no single actor can complete a sensitive process alone

Semester Exam Secure Software Design and Development InternationalEasy

Which statement best describes the purpose of sources of security requirements?

A. only developer mood B. only screen size C. laws, standards, threat models, business needs and stakeholder expectations D. only coffee breaks

Correct Answer: C. laws, standards, threat models, business needs and stakeholder expectations

Semester Exam Secure Software Design and Development InternationalEasy

For a semester exam, which option is correct about least privilege?

A. disabling all access control B. granting administrator rights to everyone C. giving users and processes only the permissions needed to perform their tasks D. sharing root passwords

Correct Answer: C. giving users and processes only the permissions needed to perform their tasks

Semester Exam Secure Software Design and Development InternationalEasy

In secure software design and development, what is meant by secure design review?

A. ignoring threat models B. only checking spelling C. examining architecture to identify security weaknesses before implementation D. only selecting fonts

Correct Answer: C. examining architecture to identify security weaknesses before implementation

Semester Exam Secure Software Design and Development InternationalEasy

For a semester exam, which option is correct about sources of security requirements?

A. only developer mood B. laws, standards, threat models, business needs and stakeholder expectations C. only coffee breaks D. only screen size

Correct Answer: B. laws, standards, threat models, business needs and stakeholder expectations