Lesson 9

Question 1

BIOS is an example of _____.

Answer 1

BIOS is an example of machine-level software.

Question 2

Which of the following software development processes follows a linear sequence from initiation and conception to maintenance?

Answer 2

The waterfall model for software development follows a linear sequence from initiation and conception to maintenance.

Question 3

The _____ development process demonstrates the relationship between each early phase of development and the associated testing phase.

Answer 3

The V-model for software development demonstrates the relationship between each early phase of development and the associated testing phase.

Question 4

Which of the following software development processes is best for large and complicated projects?

Answer 4

The spiral model for software development is intended for large and complicated projects.

Question 5

The TJ Maxx hack was due to:

Answer 5

an SQL injection that allowed theft of data following a WEP crack

Question 6

Agile development:

Answer 6

is a dynamic method that allows for change and uses small teams to develop and process applications quickly.

Question 7

In programming, the requirements phase is:

Answer 7

the phase that highlights what the program should do.

Question 8

When working to find secure programming methodologies, programmers should:

Answer 8

use a knowledge management base to avoid known pitfalls and have appropriate libraries against improper coding practices.

Question 9

The Waterfall method of programming:

Answer 9

The Waterfall method would allow a return to a previous module from its current iterative process.

Question 10

System auditing of software ensures _____.

Answer 10

A software’s compliance to specifications, quality, industry standards, best practices, and regulations.

Question 11

A software is secure when _____.

Answer 11

A software is secure when it is developed in a way that its operations and functions continue as normal even when subject to breaches and malicious attacks.

Question 12

Which of the following records the time stamps of activities of the software?

Answer 12

System Logging

Question 13

Securing software is important because _____.

Answer 13

Dire consequences can result from vulnerabilities, resulting in high costs of remediation of the damage.

Question 14

Which of the following security measures best secures data from malicious manipulation?

Answer 14

Data Encoding

Question 15

What is a failed test?

Answer 15

The actual results do not match the expected results

Question 16

Who normally performs Business Level Testing?

Answer 16

Business Analysts and/or testers

Question 17

What type of testing checks that all modules can communicate with each other?

Answer 17

System Testing

Question 18

What is the term used to describe the first type of testing that is done by developers?

Answer 18

Unit Testing

Question 19

What type of testing is performed immediately before deployment?

Answer 19

Formal Acceptance Testing

Question 20

Which of the following statements is TRUE?

Answer 20

During coding it is imperative that secure coding standards and guidelines are strictly adhered to in order to prevent known high-risk vulnerabilities.

Question 21

Which of the following does NOT enhance the security environment in software development?

Answer 21

Tainted Input Data

Question 22

Why is security important in ensuring safe software is developed?

Answer 22

Security in software development forms one of the main foundation pillars for successful software. Security ensures the designing, building and testing the software is done in a proactive manner that enables the software to prevent problems and attacks automatically.

Question 23

The earliest stage at which security should be factored into the development of safe software is the _____ stage.

Answer 23

This entails defining the general details and scope of the software. The scope of the project will be key in determining the most common threats and associated vulnerabilities that need to be protected against.

answer: planning

Question 24

At which stage is Static Code Analysis important?

Answer 24

Maintenance phase always involves tweaking old code and adding new code. As such an initial code quality and secure baseline are established post development. Static tools are used to constantly scan new/edited code using the baseline to resolve any consequent issues.

answer: maintenance

Question 25

Which of the following software development processes follows a linear sequence from initiation and conception to maintenance?

Answer 25

Waterfall

Question 26

What is an operating system?

Answer 26

A software layer to create an environment for programmers

Question 27

Vulnerability Scanning involves _____.

Answer 27

scanning for open ports and network enumeration tests.

Question 28

Which of the following statement is FALSE with regards to the importance of Software Security Testing?

Answer 28

It gathers basic information about the software and its structures.

Question 29

Areas of weakness
The role of software testing in cybercrime