D487 ITAS 6231 Secure Software Design
Objective Assessment Review
(Questions & Solutions)
2025
1. Case:
A software development team is initiating the design phase for a web‐
based application that will process sensitive personal data. They
decide to integrate security measures from the beginning.
Question: Which methodology, applied during the design phase, is
most effective in identifying potential threats and vulnerabilities?
- (A) Penetration testing
- (B) Threat modeling
- (C) Static code analysis
- (D) Load testing
Correct ANS: (B) Threat modeling
Rationale: Threat modeling is a proactive process used during the
design phase to identify potential threats, attack vectors, and
vulnerabilities. It enables teams to implement mitigations before
development begins.
---
2. Case:
A development team adopts the Model‐View‐Controller (MVC)
architectural design pattern in their application.
Question: What is one key security benefit provided by the MVC
pattern?
- (A) It centralizes business logic to improve performance.
- (B) It enforces separation of concerns, which limits the propagation
of security vulnerabilities across application layers.
- (C) It eliminates the need for input validation.
- (D) It provides built‐in encryption for data storage.
Correct ANS: (B) It enforces separation of concerns, which limits
the propagation of security vulnerabilities across application layers.
Rationale: By isolating the application’s data, business logic, and
presentation layers, MVC reduces the risk that a vulnerability in one
layer will affect the others.
---
3. Case:
A software vendor integrates static code analysis tools into its secure
development lifecycle to catch security flaws before production.
Question: What is the primary advantage of using static code
analysis in secure software design?
- (A) It identifies runtime vulnerabilities.
- (B) It detects security issues within the source code without
executing it.
- (C) It automates unit testing.
- (D) It improves code performance by optimizing algorithms.
Correct ANS: (B) It detects security issues within the source code
without executing it.
Rationale: Static code analysis reviews source code for
weaknesses and violations of secure coding practices—the process
occurs without code execution, helping developers address issues
early.
---
4. Case:
During the design of a new application, the engineering team is
evaluating third‐party libraries. They are concerned about the risk of
vulnerabilities introduced by external components.
Question: Which practice best mitigates the risk associated with
third‐party dependencies?
- (A) Using only open-source libraries.
- (B) Maintaining a dependency registry and performing regular
vulnerability scans on third‐party components.
- (C) Rewriting all external libraries in‐house.
- (D) Ignoring third‐party libraries as they are assumed to be secure.
Correct ANS: (B) Maintaining a dependency registry and performing
regular vulnerability scans on third‐party components.
Rationale: Regularly reviewing and updating the security status of
third‐party dependencies helps mitigate risks without the
impracticality of rewriting trusted libraries from scratch.
---
5. Case:
A development team is evaluating how to protect sensitive data
within their application. They decide against developing a custom
cryptographic solution.
Question: What is the main reason for using established
cryptographic libraries instead of a custom implementation?
- (A) Custom implementations are always slower.
- (B) Established libraries are widely vetted and maintained, reducing
the risk of subtle vulnerabilities.
- (C) Custom cryptographic solutions are less flexible in development
environments.
- (D) Established libraries are cheaper than in‐house development.
Correct ANS: (B) Established libraries are widely vetted and
maintained, reducing the risk of subtle vulnerabilities.
Rationale: Standard cryptographic libraries, such as OpenSSL or
Bouncy Castle, are continually reviewed for security and are less
likely to contain exploitable vulnerabilities compared to custom
solutions.
---
6. Case:
During input validation design, the development team opts to
implement a whitelist approach.