Secure Software Design - C706 Exam
Questions With 100% Verified Answers
Protecting the software and the systems on which it runs after
release, after dev is complete -
correct answer ✅Application security
Three core elements of security -
correct answer ✅Confidentiality, integrity, and availability (the
C.I.A. model
Tools that look for a fixed set of patterns or rules in the code in a
manner similar to virus-checking programs -
correct answer ✅Static analysis tools
Ensures that the user has the appropriate role and privilege to view
data -
correct answer ✅Authorization
Ensures that the user is who he or she claims to be and that the
data come from the appropriate place -
correct answer ✅Authentication
Question 4 :
,Secure Software Design - C706 Exam
Questions With 100% Verified Answers
What is responsible for preserving authorized restrictions on
information access and disclosure, including means for protecting
personal privacy and proprietary information? -
correct answer ✅Question 4
Confidentiality
Q5:
What is responsible for guarding against improper information
modification or destruction, and includes ensuring information non-
repudiation and authenticity? -
correct answer ✅Q5:
Integrity
Q6:
Which concept in the software life cycle understands the potential
security threats to the system, determines risk, and establishes
appropriate mitigations? -
correct answer ✅Q6:
,Secure Software Design - C706 Exam
Questions With 100% Verified Answers
Threat modeling
Q7:
The idea behind is simply to understand the potential security
threats to the system, determine risk, and establish appropriate
mitigations. When it is performed correctly, it occurs early in the
project life cycle and can be used to find security design issues
before code is committed. -
correct answer ✅Q7:
threat modeling
_Q8:
____________is about building secure software: designing software
to be secure; making sure that software is secure; and educating
software developers, architects, and users about how to build
security in. -
correct answer ✅Q8:
, Secure Software Design - C706 Exam
Questions With 100% Verified Answers
software security
Q9:
__________, as the name suggests, is really aimed at developing
secure software, not necessarily quality software -
correct answer ✅Q9:
SDL methodology
The most well-known SDL model is the __________, a process that
Microsoft has adopted for the development of software that needs
to withstand malicious attack. This is considered the most mature
of the top three models. -
correct answer ✅Trustworthy Computing Security Development
Lifecycle
_________This is a study of real-world software security initiatives
organized so that you can determine where you stand with your
software security initiative and how to evolve your efforts over
time. It is a set of best practices that Cigital developed by analyzing
real-world data from nine leading software security initiatives and
Questions With 100% Verified Answers
Protecting the software and the systems on which it runs after
release, after dev is complete -
correct answer ✅Application security
Three core elements of security -
correct answer ✅Confidentiality, integrity, and availability (the
C.I.A. model
Tools that look for a fixed set of patterns or rules in the code in a
manner similar to virus-checking programs -
correct answer ✅Static analysis tools
Ensures that the user has the appropriate role and privilege to view
data -
correct answer ✅Authorization
Ensures that the user is who he or she claims to be and that the
data come from the appropriate place -
correct answer ✅Authentication
Question 4 :
,Secure Software Design - C706 Exam
Questions With 100% Verified Answers
What is responsible for preserving authorized restrictions on
information access and disclosure, including means for protecting
personal privacy and proprietary information? -
correct answer ✅Question 4
Confidentiality
Q5:
What is responsible for guarding against improper information
modification or destruction, and includes ensuring information non-
repudiation and authenticity? -
correct answer ✅Q5:
Integrity
Q6:
Which concept in the software life cycle understands the potential
security threats to the system, determines risk, and establishes
appropriate mitigations? -
correct answer ✅Q6:
,Secure Software Design - C706 Exam
Questions With 100% Verified Answers
Threat modeling
Q7:
The idea behind is simply to understand the potential security
threats to the system, determine risk, and establish appropriate
mitigations. When it is performed correctly, it occurs early in the
project life cycle and can be used to find security design issues
before code is committed. -
correct answer ✅Q7:
threat modeling
_Q8:
____________is about building secure software: designing software
to be secure; making sure that software is secure; and educating
software developers, architects, and users about how to build
security in. -
correct answer ✅Q8:
, Secure Software Design - C706 Exam
Questions With 100% Verified Answers
software security
Q9:
__________, as the name suggests, is really aimed at developing
secure software, not necessarily quality software -
correct answer ✅Q9:
SDL methodology
The most well-known SDL model is the __________, a process that
Microsoft has adopted for the development of software that needs
to withstand malicious attack. This is considered the most mature
of the top three models. -
correct answer ✅Trustworthy Computing Security Development
Lifecycle
_________This is a study of real-world software security initiatives
organized so that you can determine where you stand with your
software security initiative and how to evolve your efforts over
time. It is a set of best practices that Cigital developed by analyzing
real-world data from nine leading software security initiatives and
