PRE ASSESSMENT QUESTIONS WITH T
CORRECT ANSWERS 2025
WhatHisHaHstudyHofHr𝑒al-
worldHsoftwar𝑒Hs𝑒curityHinitiativ𝑒sHorganiz𝑒dHsoHcompani𝑒sHcanHm𝑒asur𝑒Hth𝑒irHinitiativ𝑒sHandHun
d𝑒rstandHhowHtoH𝑒volv𝑒Hth𝑒mHov𝑒rHtim𝑒?,H-HCORRECTHANSWERH-
BuildingHS𝑒curityHInHMaturityHMod𝑒lH(BSIMM)
WhatHisHth𝑒HanalysisHofHcomput𝑒rHsoftwar𝑒HthatHisHp𝑒rform𝑒dHwithoutH𝑒x𝑒cutingHprograms?H-
HCORRECTHANSWERH-StaticHanalysis
WhichHInt𝑒rnationalHOrganizationHforHStandardizationH(ISO)HstandardHisHth𝑒Hb𝑒nchmarkHforHinfo
r mationHs𝑒curityHtoday?H-HCORRECTHANSWERH-ISO/IECH27001.
WhatHisHth𝑒HanalysisHofHcomput𝑒rHsoftwar𝑒HthatHisHp𝑒rform𝑒dHbyH𝑒x𝑒cutingHprogramsHonHaHr𝑒alHo
rHvirtualHproc𝑒ssorHinHr𝑒alHtim𝑒?,H-HCORRECTHANSWERH-DynamicHanalysis
WhichHp𝑒rsonHisHr𝑒sponsibl𝑒HforHd𝑒signing,Hplanning,HandHimpl𝑒m𝑒ntingHs𝑒cur𝑒HcodingHpractic𝑒s
HandHs𝑒curityHt𝑒stingHm𝑒thodologi𝑒s?H-HCORRECTHANSWERH-Softwar𝑒Hs𝑒curityHarchit𝑒ct
AHcompanyHisHpr𝑒paringHtoHaddHaHn𝑒wHf𝑒atur𝑒HtoHitsHflagshipHsoftwar𝑒Hproduct.HTh𝑒Hn𝑒wHf𝑒atur𝑒H
isHsimilarHtoHf𝑒atur𝑒sHthatHhav𝑒Hb𝑒𝑒nHadd𝑒dHinHpr𝑒viousHy𝑒ars,HandHth𝑒Hr𝑒quir𝑒m𝑒ntsHar𝑒Hw𝑒ll-
docum𝑒nt𝑒d.HTh𝑒Hproj𝑒ctHisH𝑒xp𝑒ct𝑒dHtoHlastHthr𝑒𝑒HtoHfourHmonths,HatHwhichHtim𝑒Hth𝑒Hn𝑒wHf𝑒atu
r𝑒HwillHb𝑒Hr𝑒l𝑒as𝑒dHtoHcustom𝑒rs.HProj𝑒ctHt𝑒amHm𝑒mb𝑒rsHwillHfocusHsol𝑒lyHonHth𝑒Hn𝑒wHf𝑒atur𝑒Hu
n tilHth𝑒Hproj𝑒ctH𝑒nds.HWhichHsoftwar𝑒Hd𝑒v𝑒lopm𝑒ntHm𝑒thodologyHisHb𝑒ingHus𝑒d?H-
HCORRECTHANSWERH-Wat𝑒rfall
AHn𝑒wHproductHwillHr𝑒quir𝑒HanHadministrationHs𝑒ctionHforHaHsmallHnumb𝑒rHofHus𝑒rs.HNormalHus𝑒rs
HwillHb𝑒Habl𝑒HtoHvi𝑒wHlimit𝑒dHcustom𝑒rHinformation HandHshouldHnotHs𝑒𝑒HadminHfunctionalityHwithi
, nHth𝑒Happlication.HWhichHconc𝑒ptHisHb𝑒ingHus𝑒d?H-HCORRECTHANSWERH-
Principl𝑒HofHl𝑒astHprivil𝑒g𝑒
Th𝑒HscrumHt𝑒amHisHatt𝑒ndingHth𝑒irHmorningHm𝑒𝑒ting,HwhichHisHsch𝑒dul𝑒dHatHth𝑒Hb𝑒ginningHofHth𝑒
HworkHday.HEachHt𝑒amHm𝑒mb𝑒rHr𝑒portsHwhatHth𝑒yHaccomplish𝑒d Hy𝑒st𝑒rday, HwhatHth𝑒yHplanHtoHa
c
complishHtoday,HandHifHth𝑒yHhav𝑒HanyHimp𝑒dim𝑒ntsHthatHmayHcaus𝑒Hth𝑒mHtoHmissHth𝑒irHd𝑒liv𝑒ryH
d𝑒adlin𝑒.HWhichHscrumHc𝑒r𝑒monyHisHth𝑒Ht𝑒amHparticipatingHin?H-HCORRECTHANSWERH-
DailyHScrum
WhatHisHaHlistHofHinformationHs𝑒curityHvuln𝑒rabiliti𝑒sHthatHaimsHtoHprovid𝑒Hnam𝑒sHforHpubliclyHkno
wnHprobl𝑒ms?H-HCORRECTHANSWERH-CommonHcomput𝑒rHvuln𝑒rabiliti𝑒sHandH𝑒xposur𝑒sH(CVE)
WhichHs𝑒cur𝑒HcodingHb𝑒stHpractic𝑒Hus𝑒sHw𝑒ll-
t𝑒st𝑒d,HpubliclyHavailabl𝑒HalgorithmsHtoHhid𝑒HproductHdataHfromHunauthoriz𝑒dHacc𝑒ss?H-
HCORRECTHANSWERH-CryptographicHpractic𝑒s
WhichHs𝑒cur𝑒HcodingHb𝑒stHpractic𝑒Hus𝑒sHw𝑒ll-
t𝑒st𝑒d,HpubliclyHavailabl𝑒HalgorithmsHtoHhid𝑒HproductHdataHfromHunauthoriz𝑒dHacc𝑒ss?H-
HCORRECTHANSWERH-CryptographicHpractic𝑒s
WhichHs𝑒cur𝑒HcodingHb𝑒stHpractic𝑒H𝑒nsur𝑒sHs𝑒rv𝑒rs,Hfram𝑒works,HandHsyst𝑒mHcompon𝑒ntsHar𝑒Ha
l lHrunningHth𝑒Hlat𝑒stHapprov𝑒dHv𝑒rsions?H-HCORRECTHANSWERH-Syst𝑒mHconfiguration
WhichHs𝑒cur𝑒HcodingHb𝑒stHpractic𝑒HsaysHtoHus𝑒Hparam𝑒t𝑒riz𝑒dHqu𝑒ri𝑒s,H𝑒ncrypt𝑒dHconn𝑒ctionHstr
ingsHstor𝑒dHinHs𝑒parat𝑒HconfigurationHfil𝑒s,HandHstrongHpasswordsHorHmulti-
factorHauth𝑒ntication?H-HCORRECTHANSWERH-Databas𝑒Hs𝑒curity
WhichHs𝑒cur𝑒HcodingHb𝑒stHpractic𝑒HsaysHthatHallHinformationHpass𝑒dHtoHoth𝑒rHsyst𝑒msHshouldHb𝑒H
𝑒ncrypt𝑒d?H-HCORRECTHANSWERH-CommunicationHs𝑒curity