When designing security architecture for software development, creators should do which of the following?Question 18Answera.Rely primarily on obfuscation for security concerns.b.Do not worry about separating functions needing higher privilege from othersc.Decide how much security is enough.d.Do not be too concerned about reducing the damage from hacking activities

When developing secure software, which of the following is an important step in secure software design?Question 11Answera.Adopt a risk dispute policy.b.Increase the level of complexity throughout the code.c.Settle high-level technical issues.d.Practice risk transference whenever possible.Clear my choiceQuestion 12Not yet answeredPoints out of 1.00Flag questionTipsQuestion textRegarding secure software, __________ can think like attackers in order to find vulnerabilities that real attackers may seek out, in addition to finding functionality issues, such as bugs, right before the software is released.Question 12Answera.End-usersb.Testersc.Project managersd.DevelopersClear my choiceQuestion 13Not yet answeredPoints out of 1.00Flag questionTipsQuestion textRegarding risk-based testing of secure software, which of the following is NOT a variable in the DREAD modeling formula?Question 13Answera.Discoverabilityb.Damagec.Availabilityd.Affected UsersClear my choiceQuestion 14Not yet answeredPoints out of 1.00Flag questionTipsQuestion textIn secure software testing, which one of the following do automated code review tools help to discover?Question 14Answera.Lack of exceptionsb.Isolated implementationsc.Content mutationsd.TraceabilityClear my choiceQuestion 15Not yet answeredPoints out of 1.00Flag questionTipsQuestion textIn a way, __________ must act like attackers, they may quickly find simple security vulnerabilities in software systems that would be possible for an attacker to exploit.Question 15Answera.Testersb.End-usersc.Project managersd.Developers

Among the following which one is the most important when it comes to protection of company or individual information as a security administrator a. Protection and proper use of company or client personal information b. Know the processes to protect company's information c. Build proper security practices within the organization d. all of the above

___________ is a strategy in which multiple security measures are set in place to establish protective barriers across multiple layers of a system.Question 16Answera.Open designb.Economy of mechanismc.Separation of privileged.Defense in depthClear my choiceQuestion 17Not yet answeredPoints out of 1.00Flag questionTipsQuestion textRegarding secure software, _________ help developers maintain awareness of common threats and weaknesses in similar applications so that the developers may create software with the appropriate security measures in place.Question 17Answera.Vulnerability databasesb.Input validatorsc.Traceability documentsd.CountermeasuresClear my choiceQuestion 18Not yet answeredPoints out of 1.00Flag questionTipsQuestion textExploits are programs or methods that take advantage of ________, which are weaknesses in a system's design/implementation that allow an attacker to perform some malicious act.Question 18Answera.Countermeasuresb.Workaroundsc.Vulnerabilitiesd.ObfuscationsClear my choiceQuestion 19Not yet answeredPoints out of 1.00Flag questionTipsQuestion textWhat is the software trait that provides accountability for developers and is essential for computer forensics investigations?Question 19Answera.Simplicityb.Reliabilityc.Traceabilityd.None of the aboveClear my choiceQuestion 20Not yet answeredPoints out of 1.00Flag questionTipsQuestion textWhich of the following is an example of a software error?Question 20Answera.An abnormal condition that occurs when a user interacts with the software in an unexpected way.b.An incorrect line of code.c.A bad calculation that produces incorrect results.d.All of the above.

When is the best time to implement security policies to help developers diminish the number of vulnerabilities during application development?after the first prototype of the application is completed and has been submitted for stakeholder reviewafter the application is completedwhile the application is being writtenbefore the development occurs

An important goal to meet when designing efficient, secure software is to __________.Question 19Answera.Create the design understanding that the specifications will be expanded until the project is deployedb.Allow for additional functions to remain in the software so they may be used laterc.Determine the amount of time it will take to complete the designd.Create the design with an understanding that the initial security measures may fail due to new attacks or vulnerabilities