Secure Software Design and Development MCQs with Answers

Semester Exam Secure Software Design and Development InternationalMedium

Which statement best describes the purpose of Bell-LaPadula model?

A. a web session model B. an integrity-only accounting model C. a confidentiality model focused on preventing unauthorized information disclosure D. a password reuse policy

Correct Answer: C. a confidentiality model focused on preventing unauthorized information disclosure

Semester Exam Secure Software Design and Development InternationalEasy

For a semester exam, which option is correct about coding standards?

A. marketing policies B. rules for office attendance only C. rules that guide developers to write consistent, safer and maintainable code D. database backup media only

Correct Answer: C. rules that guide developers to write consistent, safer and maintainable code

Semester Exam Secure Software Design and Development InternationalMedium

In secure software design and development, what is meant by Socratic methodology?

A. using structured questioning to discover assumptions, weaknesses and design reasoning B. copying code without review C. deploying directly to production D. using only automated formatting

Correct Answer: A. using structured questioning to discover assumptions, weaknesses and design reasoning

Semester Exam Secure Software Design and Development InternationalMedium

Which statement best describes the purpose of Zachman Framework?

A. a password manager B. a malware sandbox C. an SQL injection filter D. an enterprise architecture framework that organizes system views and perspectives

Correct Answer: D. an enterprise architecture framework that organizes system views and perspectives

Semester Exam Secure Software Design and Development InternationalMedium

In secure software design and development, what is meant by NIST standards?

A. security guidance and frameworks published by the National Institute of Standards and Technology B. a programming language compiler C. a social media policy only D. a malware family

Correct Answer: A. security guidance and frameworks published by the National Institute of Standards and Technology

Semester Exam Secure Software Design and Development InternationalMedium

Which statement best describes the purpose of Socratic methodology?

A. using only automated formatting B. copying code without review C. using structured questioning to discover assumptions, weaknesses and design reasoning D. deploying directly to production

Correct Answer: C. using structured questioning to discover assumptions, weaknesses and design reasoning

Semester Exam Secure Software Design and Development InternationalMedium

For a semester exam, which option is correct about Zachman Framework?

A. a password manager B. an enterprise architecture framework that organizes system views and perspectives C. a malware sandbox D. an SQL injection filter

Correct Answer: B. an enterprise architecture framework that organizes system views and perspectives

Semester Exam Secure Software Design and Development InternationalMedium

Which statement best describes the purpose of NIST standards?

A. security guidance and frameworks published by the National Institute of Standards and Technology B. a programming language compiler C. a social media policy only D. a malware family

Correct Answer: A. security guidance and frameworks published by the National Institute of Standards and Technology

Semester Exam Secure Software Design and Development InternationalMedium

For a semester exam, which option is correct about Socratic methodology?

A. using only automated formatting B. using structured questioning to discover assumptions, weaknesses and design reasoning C. copying code without review D. deploying directly to production

Correct Answer: B. using structured questioning to discover assumptions, weaknesses and design reasoning

Semester Exam Secure Software Design and Development InternationalMedium

In secure software design and development, what is meant by COBIT?

A. a low-level CPU register B. a buffer overflow exploit C. a JavaScript library only D. a governance and management framework for enterprise information and technology

Correct Answer: D. a governance and management framework for enterprise information and technology

Semester Exam Secure Software Design and Development InternationalMedium

For a semester exam, which option is correct about NIST standards?

A. security guidance and frameworks published by the National Institute of Standards and Technology B. a malware family C. a social media policy only D. a programming language compiler

Correct Answer: A. security guidance and frameworks published by the National Institute of Standards and Technology

Semester Exam Secure Software Design and Development InternationalMedium

In secure software design and development, what is meant by OCTAVE?

A. a compiler optimization flag B. a file compression format C. a CSS framework D. a risk-based method focused on operationally critical threats, assets and vulnerabilities

Correct Answer: D. a risk-based method focused on operationally critical threats, assets and vulnerabilities