Semis 2

Question 1

___ envelops the likelihood of occurrence of uncertain events and their potential for loss within an organization.

Answer 1

Software risk

Question 2

___ has turned into a significant part of ___ as organizations keep on carrying out additional applications across multiple technology, multi-layered environment.

Answer 2

Risk management; software improvement

Question 3

Commonly, ___ is seen as a mix of robustness, performance proficiency, security and transactional risk propagated throughout the system.

Answer 3

software risk

Question 4

Most organizations do not have an interaction to directly address the software risk that results from ___.

Answer 4

dynamic custom software improvement

Question 5

The conventional methodology is to depend on testing -

Answer 5

regression tests, performance tests, user integration tests.

Question 6

In the chart, 30% of defects found in QA and live use are ___.

Answer 6

structural

Question 7

Furthermore, the underlying defects are the…

Answer 7

primary software risk exposures in the application lifecycle

Question 8

In light of known software financial economics, that is ___ for every function that directly lead to software risk.

Answer 8

25 defects

Question 9

Adding a ___ is basic to quantify and prevent software risk in strategic systems.

Answer 9

structural quality gate to the QA cycle

Question 10

Most primary quality defects are really not connected with ___, as per industry sources.

Answer 10

code quality issues

Question 11

A typical misinterpretation that code quality tools could address ___.

Answer 11

software risk

Question 12

In reality, ___ requires system level analysis to identify defects that pose software risk.

Answer 12

structural quality

Question 13

Numerous organizations experience the ill effects of failed systems even when a vast amount of time and money are dedicated to ___.

Answer 13

functional testing methods

Question 14

The ___ does identify approximately 90% of the cause of system failures; nonetheless, it does not represent less clear issues fit for influencing response times, infrastructure stability, and component functionality issues between application layers.

Answer 14

functional approach

Question 15

___ make testing one step further by identifying unknown shortcomings coming from high severity engineering flaws in multi-tiered systems.

Answer 15

Software risk analysis solutions

Question 16

In a complicated ___, it is not sufficient to manage issues as they become evident.

Answer 16

technology climate

Question 17

___ is critical to experiencing flawless performance and benefiting from systems, applications, and your development team.

Answer 17

Prevention

Question 18

Uncovering the not so clear shortcomings in an infrastructure by using dependable software risk analysis solutions ensures the proper identification of:

Answer 18

 System Vulnerabilities
 Compliance Issues
 Stability Problems
 Efficiency Weaknesses
 Performance Degradation
 Security Flaws

Question 19

___ is an activity that utilizes different technological advancements and requires high levels of knowledge.

Answer 19

Software development

Question 20

Due to these and different factors, every software development project contains ___.

Answer 20

elements of uncertainty

Question 21

Due to these and different factors, every software development project contains elements of uncertainty. This is known as ___.

Answer 21

project risk

Question 22

The success of a software development project depends quite heavily on the…

Answer 22

amount of risk that corresponds to each project activity

Question 23

As a ___, it is not enough to simply know about the risks.

Answer 23

project manager

Question 24

To achieve a successful outcome, ___ must identify, assess, prioritize, and manage all of the major risks

Answer 24

project leadership

Question 25

___ implies risk control and mitigation.

Answer 25

Risk management

Question 26

To begin with, you must recognize and make a design (plan). Then be prepared to act when a risk emerges, drawing upon the experience and information on the entire team to limit the effect on the project.

Answer 26

Risk management

Question 27

Risk management includes the following tasks:

Answer 27

 Identify risks and their triggers
 Classify and prioritize all risks
 Craft a plan that links each risk to a mitigation
 Monitor for risk triggers during the project
 Implement the mitigating action if any risk materializes
 Communicate risk status throughout project

Question 28

Risk management is an ___.

Answer 28

extensive discipline

Question 29

A checklist of best practices for managing risk on software development and software engineering projects should include

Answer 29

 Always be forward-thinking about risk management. Otherwise, the project team will be driven from one crisis to the next.
 Use checklists, and compare with similar previous projects.
 Prioritize risks, ranking each according to the severity of exposure.
 Develop a top-10 or top-20 risk list for your project. Like most project managers, you can probably reuse this list on the next project!
 Vigorously watch for surfacing risks by meeting with key stakeholders— especially with the marketing team and the customer.
 As practicable, split larger risks into smaller, easily recognizable and readilymanageable risks.
 Strongly encourage stakeholders to think proactively and communicate about risks throughout the entire project.

Question 30

___ is the overall term used to describe the collective procedures, strategies, solutions and tools used to safeguard the confidentiality, integrity and accessibility of the organization’s information and digital resources.

Answer 30

IT security

Question 31

A thorough ___ uses a mix of advanced technologies and human resources to prevent, detect, and remediate a variety of cyber threats and cyber attacks.

Answer 31

IT security procedure

Question 32

It will incorporate security for all hardware systems, software applications and endpoints, as well as the network itself and its various components, such as physical or cloud-based data centers.

Answer 32

a thorough IT security procedure

Question 33

IT security is an umbrella term that includes any ___ intended to protect the organization’s ___.

Answer 33

plan, measure or tool; digital assets

Question 34

Elements of IT security include:

Answer 34

 Cyber security
 Endpoint security, or endpoint protection
 Cloud security
 Network security
 Container security
 IoT security

Question 35

is the defending of advanced resources, including networks, systems, PCs and information, from cyber attacks.

Answer 35

Cyber security

Question 36

is the most common way of safeguarding an organization’s endpoints - such as desktops, laptops and mobile devices— from malicious activity.

Answer 36

Endpoint security, or endpoint protection

Question 37

is the collective term for the procedure and arrangements that safeguard the cloud infrastructure, and any service or application hosted within the cloud environment, from cyber threats.

Answer 37

Cloud security

Question 38

refers to the devices, technologies, and processes that safeguard the network and basic infrastructure from cyber attacks and evil actions. It incorporates a blend of preventive and defensive measures designed to deny unauthorized access of resources and data.

Answer 38

Network security

Question 39

is the continuous process of safeguarding containers — as well as the container pipeline, deployment infrastructure and supply — from cyber threats.

Answer 39

Container security

Question 40

is a subset of network protection that spotlights on safeguarding, checking and remediating dangers connected with the Internet of Things (IoT) and the network of connected IoT devices that gather, store, and share information through the internet.

Answer 40

IoT security

Question 41

IT security can be divided into two main areas: ___ and ___.

Answer 41

system disruptions and targeted malicious attacks

Question 42

A ___ can incorporate the temporary interruption of business operations due to any system component, such as faulty hardware, network failures or software glitches.

Answer 42

system disruption

Question 43

In these situations, the business is in danger of ___ because of inoperability or the possibility of reputational harm.

Answer 43

losing revenues

Question 44

While keeping up with full system operation is a significant piece of IT security, the really pressing perspective relates to ___, most of which are designed to access or steal data and other sensitive information.

Answer 44

cyber attacks

Question 45

Common cyber attacks include:

Answer 45

 Advanced Persistent Threats (APTs)
 Malware
 Phishing
 DoS or DDoS
 Botnets
 Insider Threats

Question 46

is a refined, supported cyber attack in which an intruder lays out an undetected presence in a network in order to steal sensitive data over a prolonged period of time.

Answer 46

Advanced Persistent Threats (APTs)

Question 47

is carefully planned and designed to infiltrate a specific organization, sidestep existing security efforts and go unnoticed.

Answer 47

APT assault

Question 48

is a term used to depict any program or code that is made with the goal to cause damage to a computer, network or server.

Answer 48

Malware (malevolent software)

Question 49

Common types of malware include…

Answer 49

viruses, ransomware, keyloggers, trojans, worms and spyware

Question 50

is a sort of cyber attack that uses email, SMS, telephone or web-based media to captivate a victim to share personal data — for example, passwords or account numbers — or to download a malicious file that will install viruses on their computer or phone.

Answer 50

Phishing

Question 51

is a malicious, targeted attack that floods a network with misleading requests in order to disrupt business operations.

Answer 51

Denial-of-Service (DoS) attack

Question 52

In a ___, users cannot perform routine and necessary tasks, such as accessing email, websites, online accounts or other resources that are operated by a compromised computer or network.

Answer 52

DoS attack

Question 53

A ___ is an attempt by malicious actors to render a service or a system (eg. server, network resource, or even a specific transaction) unavailable by flooding the resource with requests.

Answer 53

distributed-denial-of-service (DDoS) attack

Question 54

is a network of compromised computers that are supervised by a command and control (C&C) channel.

Answer 54

botnet

Question 55

The person who operates the command and control infrastructure, the ___, uses the compromised computers, or bots, to launch attacks designed to crash a target’s network, inject malware, harvest credentials or execute CPU-intensive tasks.

Answer 55

bot herder or botmaster

Question 56

is a cybersecurity attack that originates within the organization, typically through a current or former employee.

Answer 56

insider threat

Question 57

Components of a comprehensive IT security strategy include:

Answer 57

Endpoint detection and response (EDR)
Managed detection and response (MDR)
Incident response (IR)
Next-generation antivirus (NGAV)

Question 58

is a comprehensive solution that distinguishes and contextualizes suspicious activity to help the security team prioritize response and remediation efforts in the event of a security breach.

Answer 58

Endpoint detection and response (EDR)

Question 59

is a cyber security service that joins technology and human expertise to perform threat hunting, observing (monitoring) and response.

Answer 59

Managed detection and response (MDR)

Question 60

The fundamental advantage of ___ is that it helps rapidly identify and limit the impact of threats without the need for additional staffing.

Answer 60

Managed detection and response (MDR)

Question 61

refers to the steps the organization takes to plan for, identify, contain and recover from a data breach.

Answer 61

Incident response (IR)

Question 62

This part ordinarily comes full circle in the improvement of an incident response plan, which is a record that outlines the steps and procedures the organization will take in the event of a security incident.

Answer 62

Incident response (IR)

Question 63

uses a combination of artificial intelligence, behavioral detection, AI algorithms and exploit mitigation, so known and unknown security threats can be anticipated and immediately prevented.

Answer 63

Next-generation antivirus (NGAV)

Question 64

is the simulation of real-world attacks in order to test an organization’s detection and response capacities.

Answer 64

Penetration testing, or pen testing