Chapter 4 Flashcards
Why security software requirements matter(5)
- protection of sensitive data
- regulatory compliance
- user trust
- risk mitigation
- coast and effort effective
Key aspects of security software requirements: (10)
1- authentication
2- authorization
3- data integrity
4- encryption
5- vulnerability management
6- logging and monitoring
7- compliance
8- resilience and availability
9- input validation
10- incident response
What’s the difference between authorization and authentication
In iPad
To establish security standards, metrics and governance do the following (4)
- identify required standards
- Define security requirements
- define matrices and compliance reporting
- create a security exception process
AI safety and security (4)
- AI security and protection
- New threat model
- AI resilience
- AI Discretion
Practice 2 require use of proven security features , languages and frameworks
- Identity
-AI safety and security
- data protection
- logging and telemetry
- user trust approved tools
Logging serves several purposes(4)
- debugging and monitoring
- monitoring and analysis
- security and auditing
- audit trials
Examples types of logs(3)
Error logs
Access logs
Transaction logs
Use approved tools
Microsoft SDL Tools
Git hub Microsoft DEVskim
Visual studio marketplace