COMPLETE QUESTIONS AND ANSWERS [
GRADED A+
SDLC - ✔✔Software Design Life Cycle. A structured process that enables
the production of software.
SDL - ✔✔Secure Development Lifecycle. A process that standardizes
security best practices.
What does Software Security entail? - ✔✔Building security into
software through an SDL in an SDLC.
Three core elements of security - ✔✔Confidentiality, integrity, and
availability (the C.I.A. model)
What can be completed to alleviate security vulnerabilities? -
✔✔Threat modeling and attack surface validation through the SDL.
SDLC Phases - ✔✔1. Planning
2. Analysis
3. Design
4. Development
5. Testing
6. Implementation
7. Maintenance
8. End of life
What happens during the Deployment phase of the SDLC? - ✔✔This is
when security is pushed out.
What happens during the Design phase of the SDLC? - ✔✔This is when
requirements are prepared for the technical design.
What happens during the End of Life phase of the SDLC? - ✔✔This is
when the proper steps for removing software completely are
considered.
What happens during the Implementation phase of the SDLC? - ✔✔This
is when resources involved in the application from a known resource
are determined.
What happens during the Maintenance phase of the SDLC? - ✔✔This is
when ongoing security monitoring is implemented.
What happens during the Planning phase of the SDLC? - ✔✔This is
when a vision and next steps are created.
What happens during the Requirement phase of the SDLC? - ✔✔This is
when necessary software requirements are determined.
What is Secure Code? - ✔✔This is a principle design in coding that
refers to code security best practices, safeguards, and protection
against vulnerabilities.
What happens during the Testing phase of the SDLC? - ✔✔This is when
software is tested to verify its functions through a known environment.
What is Threat Modeling? - ✔✔A core element of the Microsoft
Security Development Lifecycle (SDL). It's an engineering technique you
can use to help you identify threats, attacks, vulnerabilities, and
countermeasures that could affect your application.
What is Building Security In Maturity Model (BSIMM)? - ✔✔A study of
existing software security initiatives. The primary objective is to build a
maturity model based on actual data gathered from nine large-scale
software development initiatives. Meant for use by anyone responsible
for creating and executing a software security initiative (SSI).
What is OWASP? - ✔✔Open Web Application Security Project. A flexible
and prospective framework that helps build security into your software
development organization.