FiltersDone

Question type

Essay

Multiple Choice

Short Answer

True False

Matching

Exam 18: Secure Software Development

Show Answer

Share

---

All types

Filters

Study FlashcardsPractice ExamLearn

Question 1

Short Answer

Review LaterAdd Note

Review Later

_______________,historically,has not been an integral part of the software development life cycle.

Correct Answer

verified

Show Answer

Question 2

Multiple Choice

Review LaterAdd Note

Review Later

Determining what needs to be accessed,and the appropriate level of permission for every item accessed is an example of what principle?

A) Least functionality
B) Least privilege
C) Least access
D) Least rights

Correct Answer

verified

Show Answer

Question 3

True/False

Review LaterAdd Note

Generating true random numbers is a fairly trivial task.

Which type of error occurs when a program executes the error checking routine,prior to manipulating strings to a base form?

Proper use of _______________ can provide a wealth of programmatic functionality,such as authentication,confidentiality,integrity,and nonrepudiation.

You are interviewing for a job as a software developer.The interviewer asks you to explain good software development practices.

What is used to compare program responses to known inputs and comparison of the output to desired output?

The specific security needs of a program being developed should be defined in the design phase of the secure development lifecycle.

_______________ is the systematic application of a series of malformed inputs to test how the program responds.

In the secure development lifecycle,how must the specific security needs of software being developed be defined?

The spiral model is characterized by iterative development,where requirements and solutions evolve through an ongoing collaboration between self-organizing,cross-functional teams.

Which is related to a code injection error?

When the function of code is changed in an unintended way,it is an example of code injection.

In the secure development lifecycle,in which phase should minimizing the attack surface area take place?

Cryptography is the solution to all security problems.

What are the phases of the software development lifecycle?

How can secure coding be incorporated into the software development process?

In the secure development lifecycle,employing use cases to compare program responses to known inputs,and then comparing the outputs to the desired outputs should take place in which phase?

What are the major types of coding errors and their root cause?

The _______________ model is characterized by a multistep process in which the steps follow each other in a linear,one-way fashion,like water over a waterfall