Secure Software Design Study Guide - C706 Questions and Answers with Verified Solutions

Confidentiality - Information is not made available or disclosed to unauthorized individuals, entities, or processes. Ensures unauthorized persons are not able to read private and sensitive data. It is achieved through cryptography. Integrity - Ensures unauthorized persons or channels are not able to modify the data. It is accomplished through the use of a message digest or digital signatures. Availability - The computing systems used to store and process information, the security controls used to protect information, and the communication channels used to access information must be functioning correctly. Ensures system remains operational even in the event of a failure or an attack. It is achieved by providing redundancy or fault tolerance for a failure of a system and its components. Ensure Confidentiality - Public Key Infrastructure (PKI) and Cryptography/Encryption Ensure Availability - Offsite back-up and Redundancy Ensure Integrity - Hashing, Message Digest (MD5), non repudiation and digital signaturesSoftware Architect - Moves analysis to implementation and analyzes the requirements and use cases as activities to perform as part of the development process; can also de