Comprehensive Q&A Study Guide
Introduction:
This document contains a comprehensive set of questions and
answers covering key topics in software security, including
legal frameworks, security controls, SDLC, vulnerabilities, and
cyber threats. It spans foundational concepts, real-world
security practices, and common exam-style questions for
revision.
The material is well-suited for final exam preparation, offering
both theoretical insights and practical examples aligned with
typical software security curricula.
Exam Questions and Answers:
The __________ attempts to prevent trade secrets from being illegally shared.
Answer: Economic Espionage Act

What is the subject of the Computer Security Act?
Answer: Federal Agency Information Security

Which of the following acts is also widely known as the Gramm-Leach-Bliley Act?
Answer: Financial Services Modernization Act

The Council of Europe adopted the Convention of CyberCrime in 2001 to oversee a range of security functions associated with __________ activities.
Answer: Internet

According to the National Information Infrastructure Protection Act of 1996, the severity of the penalty for computer crimes depends on the value of the information obtained and whether the offense is judged to have been committed for each of the following except __________.
Answer: to harass

The __________ of 1999 provides guidance on the use of encryption and provides protection from government intervention.
Answer: Security and Freedom through Encryption Act

___________ are rules that mandate or prohibit certain behavior and are enforced by the State. (SS)
Answer: Laws

The low overall degree of tolerance for ______________ system use may be a function of the easy association between the common crimes of breaking and entering, trespassing, theft, and destruction of property to their computer-related counterparts. (SS)
Answer: illicit

The ________________ Act seeks to improve the reliability and accuracy of financial reporting, as well as increase the accountability of corporate governance, in publicly traded companies. (SS)
Answer: Sarbanes-Oxley

"Long arm __________________" refers to the long arm of the law reaching across the country or around the world to draw an accused individual into its court systems whenever it can establish jurisdiction. (SS)
Answer: Jurisdiction

The _____________________ Act of 1996 attempts to prevent trade secrets from being illegally shared. (SS)
Answer: economic espionage

__________________ is the legal obligation of an entity that extends beyond criminal or contract law. (SS)
Answer: Liability

_______________________ are the fixed moral attitudes or customs of a particular group. (SS)
Answer: Cultural mores

___________________ information is a form of collective data that relates to a group or category of people and that has been altered to remove characteristics or components that make it possible to identify individuals within the group. (SS)
Answer: Aggregate

The Privacy of Customer Information Section of the common carrier regulation states that any proprietary information shall be used explicitly for providing services, and not for any __________ purposes.
Answer: marketing
When BS 7799 first came out, several countries, including the United States, Germany, and Japan, refused to adopt it, claiming that it had fundamental problems. Which of the following is NOT one of those problems?
Answer: The global information security community had already defined a justification for a code of practice, such as the one identified in ISO/IEC 17799.