IDENTIFICATION

Question 1

It is a specialized framework designed to integrate security into every phase of the traditional systems development life (SDLC)

Answer 1

Security Systems Development Life Cycle (SecSDLC)

Question 2

Is the practice of protecting information from unauthorized access, use, disclosure, disruption, modification, or destructions

Answer 2

Information Security

Question 3

Ensuring that information is accessible only to authorized individuals.

Answer 3

CONFIDENTIALITY

Question 4

Maintaining the accuracy and completeness of information.

Answer 4

INTEGRITY

Question 5

Ensuring that information is accessible when needed by authorized users.

Answer 5

AVAILABILITY

Question 6

Attempts to trick users into revealing sensitive information.

Answer 6

Phishing

Question 7

Malicious software such as viruses, worms, and trojans

Answer 7

Malware

Question 8

Overwhelming a system with traffic to make it unavailable.

Answer 8

Distributed Denial of Service (DDos) attack

Question 9

Injecting malicious SQL code into a web application.

Answer 9

SQL Injection

Question 10

Manipulating people to gain unauthorized access.

Answer 10

Social Engineering Attack

Question 11

Transforming data into a code to protect its confidentiality.

Answer 11

Encryption

Question 12

Network Security devices that filter traffic.

Answer 12

Firewalls

Question 13

Limiting access to information based on user roles and permissions.

Answer 13

Access Control

Question 14

Monitoring networks for suspicious activity

Answer 14

Operations and Maintenance Phase

Question 15

Creating copies of data to restore in case of loss.

Answer 15

backup

Question 16

Is fundamental in every aspect of human life, driving decisions, enabling communication, and powering innovations.

Answer 16

Information

Question 17

Respecting the privacy rights of individuals

Answer 17

Confidentiality

Question 18

Acting with competence and responsibility.

Answer 18

Accountability

Question 19

Mistakes made by users or administrators can lead to security breaches.

Answer 19

User Domain, Human Failure

Question 20

This phase builds upon the architectural concepts developed previously

Answer 20

Design Phase

Question 21

The developed system is deployed in a production environment.

Answer 21

Implementation Phase

Question 22

It involves identifying and assessing security needs and setting goals based on the business’s security policies.

Answer 22

initiation Phase

Question 23

The system is developed and built according to the design.

Answer 23

Development Phase

Question 24

The focus is on selecting technologies, methodologies, and security frameworks that will be used throughout the development of the system.

Answer 24

System Concept Development Phase

Question 25

This phase **focuses on maintaining and updating the system** to ensure that it remains secure over time.

Answer 25

Operations and Maintenance Phase