Secure Software Design and Development MCQs with Answers

Semester Exam Secure Software Design and Development InternationalEasy

Which statement best describes the purpose of compliance?

A. using only informal practices B. ignoring audit evidence C. meeting required laws, regulations, standards and organizational policies D. deleting logs always

Correct Answer: C. meeting required laws, regulations, standards and organizational policies

Semester Exam Secure Software Design and Development InternationalEasy

For a semester exam, which option is correct about risk management?

A. ignoring vulnerabilities B. identifying, analyzing, prioritizing and treating security risks C. accepting every risk blindly D. removing all documentation

Correct Answer: B. identifying, analyzing, prioritizing and treating security risks

Semester Exam Secure Software Design and Development InternationalEasy

In secure software design and development, what is meant by OWASP testing guide?

A. a network cable standard B. a UI color palette C. a payroll policy D. guidance for testing web application security controls and weaknesses

Correct Answer: D. guidance for testing web application security controls and weaknesses

Semester Exam Secure Software Design and Development InternationalMedium

Which statement best describes the purpose of OSSTMM?

A. a mobile app store B. a methodology manual for structured open source security testing C. a relational database language D. an image editing tool

Correct Answer: B. a methodology manual for structured open source security testing

Semester Exam Secure Software Design and Development InternationalEasy

For a semester exam, which option is correct about compliance?

A. meeting required laws, regulations, standards and organizational policies B. using only informal practices C. ignoring audit evidence D. deleting logs always

Correct Answer: A. meeting required laws, regulations, standards and organizational policies

Semester Exam Secure Software Design and Development InternationalEasy

In secure software design and development, what is meant by coding standards?

A. rules for office attendance only B. marketing policies C. database backup media only D. rules that guide developers to write consistent, safer and maintainable code

Correct Answer: D. rules that guide developers to write consistent, safer and maintainable code

Semester Exam Secure Software Design and Development InternationalEasy

Which statement best describes the purpose of OWASP testing guide?

A. guidance for testing web application security controls and weaknesses B. a network cable standard C. a payroll policy D. a UI color palette

Correct Answer: A. guidance for testing web application security controls and weaknesses

Semester Exam Secure Software Design and Development InternationalMedium

For a semester exam, which option is correct about OSSTMM?

A. a mobile app store B. a relational database language C. a methodology manual for structured open source security testing D. an image editing tool

Correct Answer: C. a methodology manual for structured open source security testing

Semester Exam Secure Software Design and Development InternationalMedium

In secure software design and development, what is meant by Bell-LaPadula model?

A. an integrity-only accounting model B. a password reuse policy C. a confidentiality model focused on preventing unauthorized information disclosure D. a web session model

Correct Answer: C. a confidentiality model focused on preventing unauthorized information disclosure

Semester Exam Secure Software Design and Development InternationalEasy

Which statement best describes the purpose of coding standards?

A. database backup media only B. rules for office attendance only C. marketing policies D. rules that guide developers to write consistent, safer and maintainable code

Correct Answer: D. rules that guide developers to write consistent, safer and maintainable code

Semester Exam Secure Software Design and Development InternationalEasy

For a semester exam, which option is correct about OWASP testing guide?

A. a network cable standard B. a UI color palette C. guidance for testing web application security controls and weaknesses D. a payroll policy

Correct Answer: C. guidance for testing web application security controls and weaknesses

Semester Exam Secure Software Design and Development InternationalMedium

In secure software design and development, what is meant by Zachman Framework?

A. a malware sandbox B. an enterprise architecture framework that organizes system views and perspectives C. an SQL injection filter D. a password manager

Correct Answer: B. an enterprise architecture framework that organizes system views and perspectives