Chapter 4

Question 1

Why security software requirements matter(5)

Answer 1

• protection of sensitive data
• regulatory compliance
• user trust
• risk mitigation
• coast and effort effective

Question 2

Key aspects of security software requirements: (10)

Answer 2

1- authentication

2- authorization

3- data integrity

4- encryption

5- vulnerability management

6- logging and monitoring

7- compliance

8- resilience and availability

9- input validation

10- incident response

Question 3

What’s the difference between authorization and authentication

Answer 3

In iPad

Question 4

To establish security standards, metrics and governance do the following (4)

Answer 4

• identify required standards
• Define security requirements
• define matrices and compliance reporting
• create a security exception process

Question 5

AI safety and security (4)

Answer 5

• AI security and protection
• New threat model
• AI resilience
• AI Discretion

Question 6

Practice 2 require use of proven security features , languages and frameworks

Answer 6

• Identity

-AI safety and security

• data protection
• logging and telemetry
• user trust approved tools

Question 7

Logging serves several purposes(4)

Answer 7

• debugging and monitoring
• monitoring and analysis
• security and auditing
• audit trials

Question 8

Examples types of logs(3)

Answer 8

Error logs

Access logs

Transaction logs

Question 9

Use approved tools

Answer 9

Microsoft SDL Tools

Git hub Microsoft DEVskim

Visual studio marketplace