Chapter 1

Question 1

Operational security of software-intensive systems depends on the practices and techniques during their

Answer 1

design and development

Question 2

Lifecycle processes must consider the _______ inherent in the operational environments where systems are deployed

Answer 2

security- related

Question 3

Increased consideration of operational security earlier in the acquisition and development process provides an opportunity to _____________

Answer 3

tone decisions to address security risk and reduce the total cost of operational security

Question 4

SCADA stands for

Answer 4

supervisory control and data acquisition

Question 5

Much of the information protection in place today is based on the principles established by _______

Answer 5

Saltzer and Schroeder

Question 6

Where and when did Saltzer and Schroeder’s publication appear?

Answer 6

1974, Communications of the ACM

Question 7

What was the title of Saltzer and Schroeder’s influential paper?

Answer 7

“The Protection of Information in Computer Systems”

Question 8

What did Saltzer and Schroeder define as security?

Answer 8

“Techniques that control who may use or modify the computer or the information contained in it.”

Question 9

What are the three main categories of security concern?

Answer 9

Confidentiality, integrity, availability

Question 10

Name some examples of security problems

Answer 10

Malware, viruses, XSS, SQL Injection

Question 11

Those working with deployed systems refer to their enhanced security needs as _____

Answer 11

Cyber Security Assurance

Question 12

Software assurance as a term usually refers to the areas of ______

Answer 12

acquisition and development

Question 13

What is the NASA definition of software assurance?

Answer 13

“The planned and systematic set of activities that ensure that software lifecycle processes and products conform to requirements, standards, and procedures.”

Question 14

What ISO standards are a good reference for software assurance topics?

Answer 14

ISO/IEC 2008a, 2008b, 2009, 2011, 2015

Question 15

What do definitions of software assurance usually include?

Answer 15

The requirement that software functions as intended.

Question 16

What’s one reason for the different approaches suggested by the existing definitions of software assurance?

Answer 16

Risks related to modern systems of systems

Question 17

What are some other challenges to effective operational security?

Answer 17

The increased use of commercial off-the-shelf (COTS) and open-source software as components within a system

Question 18

Sustainment is

Answer 18

maintaining a deployed system over time as technology and operational needs change

Question 19

Ignoring the issues surrounding sustainment can _______

Answer 19

undermine the stability, security and longevity of systems in production

Question 20

Economy of mechanism

Answer 20

Keep the design as simple and small as possible

Question 21

Fail-safe defaults

Answer 21

base access decisions on permission rather than exclusion

Question 22

complete mediation

Answer 22

every access to every object must be checked for authority

Question 23

open design

Answer 23

the design should not be secret. the mechanisms should not depend on the ignorance of the potential attackers, rather on the possession of specific and more easily protected keys and passwords

Question 24

separation of privilege

Answer 24

where feasible, a protection mechanism that requires 2 keys to unlock is more robust and flexible than one that allows access to the presenter of only a single key

Question 25

least privilege

Answer 25

every program and every user of the system should operate using the least set of privileges necessary to complete the job.

Question 26

least common mechanism

Answer 26

minimize the amount of mechanism common to more than one user and depended on by all users

Question 27

psychological acceptability

Answer 27

it is essential that the human interface be designed for ease of use so that users routinely and automatically apply the protection mechanisms correctly

Question 28

a ______ of risk drives assurance decisions

Answer 28

perception

Question 29

organizations without effective software assurance programs perceive risks based on ______

Answer 29

successful attacks and usually respond reactively

Question 30

organizations can incorrectly perceive risk when they don’t ________

Answer 30

understand the threats and their impacts

Question 31

risk concerns shall be _______ across all stakeholders and all interconnected technology elements

Answer 31

aligned

Question 32

highly connected systems require _________

Answer 32

the aligning of risk across all stakeholders

Question 33

protections can be applied at every technology _____

Answer 33

level

Question 34

protections will conflict if not _____________

Answer 34

well orchestrated

Question 35

dependencies shall not be trusted until proven _______

Answer 35

trustworthy

Question 36

assurance of an integrated product depends on _________

Answer 36

other people’s assurance decisions

Question 37

organizations must decide how much trust to place in dependencies based on _______

Answer 37

realistic assessments of the threats, impacts and opportunities represented by various interactions

Question 38

dependencies are not _____

Answer 38

static

Question 39

organizations must regularly review ______

Answer 39

trust relationships

Question 40

attacks shall be _____

Answer 40

expected

Question 41

a ________ of attackers can compromise an organization’s technology assets

Answer 41

broad community

Question 42

there are no ______ protections against attacks

Answer 42

perfect

Question 43

the attacker profile is _______

Answer 43

constantly changing

Question 44

assurance requires effective ______ among all technology participants

Answer 44

coordination

Question 45

organizations must apply protection broadly across its ________

Answer 45

people, policies and technologies

Question 46

attackers take advantage of ______

Answer 46

all possible entry points

Question 47

clearly establish ______ and _____

Answer 47

authority and responsibilityA

Question 48

assurance shall be _______ and ______

Answer 48

well planned and dynamic

Question 49

assurance must represent a balance between _____, _____, and ______

Answer 49

governance, construction and operation

Question 50

a means to measure and audit overall assurance shall be _______

Answer 50

built in

Question 51

organizations cannot manage what they cannot ______

Answer 51

measure

Question 52

users will not address issues unless ______

Answer 52

held accountable

Question 53

organizations must take focused measures to ensure that components are

Answer 53

securely engineered

Question 54

operational systems are built and acquired through coordinated actions involving predefined steps. This is known as a _____

Answer 54

lifecycle

Question 55

what standards provide guidance for suitable lifecycles?

Answer 55

NIST SP-800-160, ISO 15288

Question 56

Every component of the software system and its interfaces must be operated and sustained with ________ in mind

Answer 56

organizational risk

Question 57

confidence is a quality measure that means what?

Answer 57

the delivered system will behave as specified

Question 58

At the start of the development cycle, the confidence gap is ______

Answer 58

large

Question 59

reliability depends on

Answer 59

identifying and mitigating potential faults

Question 60

how can assurance be defined?

Answer 60

“a documented body of evidence that provides a convincing and valid argument that a specific set of critical claims about a system’s properties are adequately justified for a given application in a given environment.” (Kelly 1998)

Question 61

Assurance reviewers may doubt the _______, ________, and _______

Answer 61

claim, argument, evidence