Secure Software Design and Development MCQs with Answers

Semester Exam Secure Software Design and Development InternationalEasy

In secure software design and development, what is meant by defense in depth?

A. relying only on obscurity B. using one password everywhere C. using multiple layers of controls so failure of one control does not expose the whole system D. disabling backups

Correct Answer: C. using multiple layers of controls so failure of one control does not expose the whole system

Semester Exam Secure Software Design and Development InternationalEasy

Which statement best describes the purpose of secure design review?

A. only selecting fonts B. ignoring threat models C. only checking spelling D. examining architecture to identify security weaknesses before implementation

Correct Answer: D. examining architecture to identify security weaknesses before implementation

Semester Exam Secure Software Design and Development InternationalMedium

For a semester exam, which option is correct about Bell-LaPadula model?

A. a password reuse policy B. a web session model C. an integrity-only accounting model D. a confidentiality model focused on preventing unauthorized information disclosure

Correct Answer: D. a confidentiality model focused on preventing unauthorized information disclosure

Semester Exam Secure Software Design and Development InternationalEasy

In secure software design and development, what is meant by functional security requirement?

A. a required security function such as authentication or access control B. a font choice C. a marketing slogan D. a preferred office location

Correct Answer: A. a required security function such as authentication or access control

Semester Exam Secure Software Design and Development InternationalEasy

Which statement best describes the purpose of defense in depth?

A. relying only on obscurity B. disabling backups C. using multiple layers of controls so failure of one control does not expose the whole system D. using one password everywhere

Correct Answer: C. using multiple layers of controls so failure of one control does not expose the whole system

Semester Exam Secure Software Design and Development InternationalEasy

For a semester exam, which option is correct about secure design review?

A. ignoring threat models B. only selecting fonts C. only checking spelling D. examining architecture to identify security weaknesses before implementation

Correct Answer: D. examining architecture to identify security weaknesses before implementation

Semester Exam Secure Software Design and Development InternationalMedium

In secure software design and development, what is meant by Clark-Wilson model?

A. a browser caching rule B. a confidentiality-only model C. an integrity model based on well-formed transactions and separation of duties D. a network routing protocol

Correct Answer: C. an integrity model based on well-formed transactions and separation of duties

Semester Exam Secure Software Design and Development InternationalEasy

Which statement best describes the purpose of functional security requirement?

A. a marketing slogan B. a required security function such as authentication or access control C. a preferred office location D. a font choice

Correct Answer: B. a required security function such as authentication or access control

Semester Exam Secure Software Design and Development InternationalEasy

For a semester exam, which option is correct about defense in depth?

A. relying only on obscurity B. disabling backups C. using multiple layers of controls so failure of one control does not expose the whole system D. using one password everywhere

Correct Answer: C. using multiple layers of controls so failure of one control does not expose the whole system

Semester Exam Secure Software Design and Development InternationalEasy

In secure software design and development, what is meant by design process?

A. publishing unreviewed code B. random coding without planning C. an organized sequence for translating requirements into architecture and detailed design D. testing after deletion

Correct Answer: C. an organized sequence for translating requirements into architecture and detailed design

Semester Exam Secure Software Design and Development InternationalMedium

Which statement best describes the purpose of Clark-Wilson model?

A. an integrity model based on well-formed transactions and separation of duties B. a network routing protocol C. a confidentiality-only model D. a browser caching rule

Correct Answer: A. an integrity model based on well-formed transactions and separation of duties

Semester Exam Secure Software Design and Development InternationalEasy

For a semester exam, which option is correct about functional security requirement?

A. a marketing slogan B. a required security function such as authentication or access control C. a preferred office location D. a font choice

Correct Answer: B. a required security function such as authentication or access control