Secure Software Design and Development | Page 2

Semester Exam Secure Software Design and Development InternationalMedium

Which statement best describes the purpose of dependency vulnerability management?

A. ignoring security advisories B. using abandoned packages blindly C. tracking and fixing vulnerable libraries and packages D. never updating libraries

Correct Answer: C. tracking and fixing vulnerable libraries and packages

Semester Exam Secure Software Design and Development InternationalMedium

For a semester exam, which option is correct about abuse case?

A. a harmless UI click B. a security-focused scenario of harmful or malicious use C. a release checklist only D. a normal payroll report

Correct Answer: B. a security-focused scenario of harmful or malicious use

Semester Exam Secure Software Design and Development InternationalMedium

For a semester exam, which option is correct about dependency vulnerability management?

A. never updating libraries B. using abandoned packages blindly C. tracking and fixing vulnerable libraries and packages D. ignoring security advisories

Correct Answer: C. tracking and fixing vulnerable libraries and packages

Semester Exam Secure Software Design and Development InternationalMedium

In secure software design and development, what is meant by security regression testing?

A. retesting to ensure fixed vulnerabilities do not reappear B. removing old test cases C. only testing new colors D. ignoring patched modules

Correct Answer: A. retesting to ensure fixed vulnerabilities do not reappear

Semester Exam Secure Software Design and Development InternationalEasy

For a semester exam, which option is correct about control?

A. an ignored audit finding B. a missing password policy C. a safeguard that reduces likelihood or impact of risk D. an open admin panel

Correct Answer: C. a safeguard that reduces likelihood or impact of risk

Semester Exam Secure Software Design and Development InternationalHard

In secure software design and development, what is meant by secure build process?

A. ensuring build pipelines, artifacts and dependencies are protected and reproducible B. letting anyone modify releases C. building on infected machines D. skipping artifact signing

Correct Answer: A. ensuring build pipelines, artifacts and dependencies are protected and reproducible

Semester Exam Secure Software Design and Development InternationalMedium

Which statement best describes the purpose of security regression testing?

A. only testing new colors B. removing old test cases C. ignoring patched modules D. retesting to ensure fixed vulnerabilities do not reappear

Correct Answer: D. retesting to ensure fixed vulnerabilities do not reappear

Semester Exam Secure Software Design and Development InternationalMedium

In secure software design and development, what is meant by security requirement traceability?

A. linking security requirements to design, code and tests B. losing requirement history C. renaming files randomly D. deleting test cases

Correct Answer: A. linking security requirements to design, code and tests

Semester Exam Secure Software Design and Development InternationalHard

Which statement best describes the purpose of secure build process?

A. skipping artifact signing B. letting anyone modify releases C. building on infected machines D. ensuring build pipelines, artifacts and dependencies are protected and reproducible

Correct Answer: D. ensuring build pipelines, artifacts and dependencies are protected and reproducible

Semester Exam Secure Software Design and Development InternationalMedium

For a semester exam, which option is correct about security regression testing?

A. removing old test cases B. retesting to ensure fixed vulnerabilities do not reappear C. only testing new colors D. ignoring patched modules

Correct Answer: B. retesting to ensure fixed vulnerabilities do not reappear

Semester Exam Secure Software Design and Development InternationalMedium

Which statement best describes the purpose of security requirement traceability?

A. renaming files randomly B. linking security requirements to design, code and tests C. deleting test cases D. losing requirement history

Correct Answer: B. linking security requirements to design, code and tests

Semester Exam Secure Software Design and Development InternationalHard

For a semester exam, which option is correct about secure build process?

A. building on infected machines B. letting anyone modify releases C. skipping artifact signing D. ensuring build pipelines, artifacts and dependencies are protected and reproducible

Correct Answer: D. ensuring build pipelines, artifacts and dependencies are protected and reproducible

Secure Software Design and Development MCQs