Lesson 9 Flashcards
BIOS is an example of _____.
BIOS is an example of machine-level software.
Which of the following software development processes follows a linear sequence from initiation and conception to maintenance?
The waterfall model for software development follows a linear sequence from initiation and conception to maintenance.
The _____ development process demonstrates the relationship between each early phase of development and the associated testing phase.
The V-model for software development demonstrates the relationship between each early phase of development and the associated testing phase.
Which of the following software development processes is best for large and complicated projects?
The spiral model for software development is intended for large and complicated projects.
The TJ Maxx hack was due to:
an SQL injection that allowed theft of data following a WEP crack
Agile development:
is a dynamic method that allows for change and uses small teams to develop and process applications quickly.
In programming, the requirements phase is:
the phase that highlights what the program should do.
When working to find secure programming methodologies, programmers should:
use a knowledge management base to avoid known pitfalls and have appropriate libraries against improper coding practices.
The Waterfall method of programming:
The Waterfall method would allow a return to a previous module from its current iterative process.
System auditing of software ensures _____.
A software’s compliance with specifications, quality, industry standards, best practices, and regulations.
A software is secure when _____.
A software is secure when it is developed in a way that its operations and functions continue as normal even when subject to breaches and malicious attacks.
Which of the following records the time stamps of activities of the software?
System Logging
Securing software is important because _____.
Dire consequences can result from vulnerabilities, leading to high costs of remediating the damage.
Which of the following security measures best secures data from malicious manipulation?
Data Encoding
What is a failed test?
The actual results do not match the expected results
Who normally performs Business Level Testing?
Business Analysts and/or testers
What type of testing checks that all modules can communicate with each other?
System Testing
What is the term used to describe the first type of testing that is done by developers?
Unit Testing
What type of testing is performed immediately before deployment?
Formal Acceptance Testing
Which of the following statements is TRUE?
During coding it is imperative that secure coding standards and guidelines are strictly adhered to in order to prevent known high-risk vulnerabilities.
Which of the following does NOT enhance the security environment in software development?
Tainted Input Data
Why is security important in ensuring safe software is developed?
Security in software development forms one of the main foundation pillars for successful software. Security ensures that designing, building and testing the software is done in a proactive manner that enables the software to prevent problems and attacks automatically.
The earliest stage at which security should be factored into the development of safe software is the _____ stage.
This entails defining the general details and scope of the software. The scope of the project will be key in determining the most common threats and associated vulnerabilities that need to be protected against.
answer: planning
At which stage is Static Code Analysis important?
The maintenance phase always involves tweaking old code and adding new code. As such, an initial code quality and security baseline is established post-development. Static tools are used to constantly scan new/edited code using the baseline to resolve any consequent issues.
answer: maintenance