The PRIMARY reason for incorporating security into the software development life cycle is to protect
the unauthorized disclosure of information.
the corporate brand and reputation
against hackers who intend to misuse the software.
the developers from releasing software with security defects.
The resiliency of software to withstand attacks that attempt modify or alter data in an unauthorized manner is referred to as
Confidentiality.
Integrity.
Availability.
Authorization.
The MAIN reason as to why the availability aspects of software must be part of the organization’s software security initiatives is:
software issues can cause downtime to the business.
developers need to be trained in the business continuity procedures.
testing for availability of the software and data is often ignored.
hackers like to conduct Denial of Service (DoS) attacks against the organization.
Developing the software to monitor its functionality and report when the software is down and unable to provide the expected service to the business is a protection to assure which of the following?
Authentication.
When a customer attempts to log into their bank account, the customer is required to enter a nonce from the token device that was issued to the customer by the bank. This type of authentication is also known as which of the following?
Ownership based authentication.
Two factor authentication.
Characteristic based authentication.
Knowledge based authentication.
Multi-factor authentication is most closely related to which of the following security design principles?
Separation of Duties.
Defense in depth.
Complete mediation.
Open design.
Audit logs can be used for all of the following EXCEPT
providing evidentiary information.
assuring that the user cannot deny their actions.
detecting the actions that were undertaken.
preventing a user from performing some unauthorized operations.
Organizations often pre-determine the acceptable number of user errors before recording them as security violations. This number is otherwise known as:
Clipping level.
Known Error.
Minimum Security Baseline.
Maximum Tolerable Downtime.
A security principle that maintains the confidentiality, integrity and availability of the software and data, besides allowing for rapid recovery to the state of normal operations, when unexpected events occur is the security design principle of
defense in depth.
economy of mechanisms.
fail secure
psychological acceptability
Requiring the end user to accept an ‘AS-IS’ disclaimer clause before installation of your software is an example of risk
avoidance.
mitigation.
transference.
acceptance.
An instrument that is used to communicate and mandate organizational and management goals and objectives at a high level is a
standard.
policy.
baseline.
guideline.
The Systems Security Engineering Capability Maturity Model (SSECMM ®) is an internationally recognized standard that publishes guidelines to
provide metrics for measuring the software and its behavior, and using the software in a specific context of use.
evaluate security engineering practices and organizational management processes.
support accreditation and certification bodies that audit and certify information security management systems.
ensure that the claimed identity of personnel are appropriately verified.
Which of the following is a framework that can be used to develop a risk based enterprise security architecture by determining security requirements after analyzing the business initiatives.
Capability Maturity Model Integration (CMMI)
Sherwood Applied Business Security Architecture (SABSA)
Control Objectives for Information and related Technology (COBIT®)
Zachman Framework
Which of the following is a PRIMARY consideration for the software publisher when selling Commercially Off the Shelf (COTS) software?
Service Level Agreements (SLAs).
Intellectual Property protection.
Cost of customization.
Review of the code for backdoors and Trojan horses.
The Single Loss Expectancy can be determined using which of the following formula?
Annualized Rate of Occurrence (ARO) x Exposure Factor
Probability x Impact
Asset Value x Exposure Factor
Annualized Rate of Occurrence (ARO) x Asset Value
Implementing IPSec to assure the confidentiality of data when it is transmitted is an example of risk
The Federal Information Processing Standard (FIPS) that prescribe guidelines for biometric authentication is
FIPS 140.
FIPS 186.
FIPS 197.
FIPS 201.
Which of the following is a multi-faceted security standard that is used to regulate organizations that collects, processes and/or stores cardholder data as part of their business operations?
ISO/IEC 15408.
NIST SP 800-64.
PCI DSS.
Which of the following is the current Federal Information Processing Standard (FIPS) that specifies an approved cryptographic algorithm to ensure the confidentiality of electronic data?
Security Requirements for Cryptographic Modules (FIPS 140).
Peronal Identity Verification (PIV) of Federal Employees and Contractors (FIPS 201).
Advanced Encryption Standard (FIPS 197).
Digital Signature Standard (FIPS 186).
The organization that publishes the ten most critical web application security risks (Top Ten) is the
Computer Emergency Response Team (CERT).
Web Application Security Consortium (WASC).
Open Web Application Security Project (OWASP).
Forums for Incident Response and Security Teams (FIRST)
The process of removing private information from sensitive data sets is referred to as
Sanitization.
Degaussing.
Anonymization.
Formatting.
(Domain 2) Which of the following MUST be addressed by software security requirements? Choose the BEST answer
Technology used in building the application
Goals and objectives of the organization.
Software quality requirements
External auditor requirements
Which of the following types of information is exempt from confidentiality requirements?
Directory information.
Personally identifiable information (PII).
User’s card holder data.
Software architecture and network diagram
Requirements that are identified to protect against the destruction of information or the software itself are commonly referred to as
confidentiality requirements.
integrity requirements
availability requirements.
authentication requirements
The amount of time by which business operations need to be restored to service levels as expected by the business when there is a security breach or disaster is known as
Maximum Tolerable Downtime (MTD).
Mean Time Before Failure (MTBF).
Minimum Security Baseline (MSB).
Recovery Time Objective (RTO).
The use of an individual’s physical characteristics such as retinal blood patterns and fingerprints for validating and verifying the user’s identity if referred to as
biometric authentication.
forms authentication.
digest authentication.
integrated authentication.
Which of the following policies is MOST likely to include the following requirement? “All software processing financial transactions need to use more than one factor to verify the identity of the entity requesting access””
Authorization
Auditing
Availability
A means of restricting access to objects based on the identity of subjects and/or groups to which they belong, as mandated by the requested resource owner is the definition of
Non-discretionary Access Control (NDAC).
Discretionary Access Control (DAC).
Mandatory Access Control (MAC).
Role based Access Control.
Requirements which when implemented can help to build a history of events that occurred in the software are known as
authentication requirements.
archiving requirements.
accountability requirements.
authorization requirements.
Which of the following is the PRIMARY reason for an application to be susceptible to a Man-in-the-Middle (MITM) attack?
Improper session management
Lack of auditing
Improper archiving
Lack of encryption
The process of eliciting concrete software security requirements from high level regulatory and organizational directives and mandates in the requirements phase of the SDLC is also known as
threat modeling.
policy decomposition.
subject-object modeling
misuse case generation.
The FIRST step in the Protection Needs Elicitation (PNE) process is to
engage the customer
model information management
identify least privilege applications
conduct threat modeling and analysis
A Requirements Traceability Matrix (RTM) that includes security requirements can be used for all of the following except
ensuring scope creep does not occur
validating and communicating user requirements
determining resource allocations
identifying privileged code sections
Parity bit checking mechanisms can be used for all of the following except
Error detection
Message corruption.
Integrity assurance
Input validation
Which of the following is an activity that can be performed to clarify requirements with the business users using diagrams that model the expected behavior of the software?
Threat modeling
Use case modeling
Misuse case modeling
Data modeling
Which of the following is LEAST LIKELY to be identified by misuse case modeling?
Race conditions
Mis-actors
Attacker’s perspective
Negative requirements
Data classification is a core activity that is conducted as part of which of the following?
Key Management Lifecycle
Information Lifecycle Management
Configuration Management
Problem Management
Web farm data corruption issues and card holder data encryption requirements need to be captured as part of which of the following requirements?
Environment.
International.
Procurement.
When software is purchased from a third party instead of being built in-house, it is imperative to have contractual protection in place and have the software requirements explicitly specified in which of the following?
Service Level Agreements (SLA).
Non-Disclosure Agreements (NDA)
Non-compete Agreements
Project plan.
When software is able to withstand attacks from a threat agent and not violate the security policy it is said to be exhibiting which of the following attributes of software assurance?
Reliability
Resiliency.
Recoverability
Redundancy.
Infinite loops and improper memory calls are often known to cause threats to which of the following?
Accountability.
Which of the following is used to communicate and enforce availability requirements of the business or client?
Non-Disclosure Agreement (NDA).
Corporate Contract.
Threat model.
Software security requirements that are identified to protect against disclosure of data to unauthorized users is otherwise known as
authorization requirements
non-repudiation requirements.
The requirements that assure reliability and prevent alterations are to be identified in which section of the software requirements specifications (SRS) documentation?
Accountability
Which of the following is a covert mechanism that assures confidentiality?
Encryption.
Steganography.
Hashing.
Masking.
As a means to assure confidentiality of copyright information, the security analyst identifies the requirement to embed information insider another digital audio, video or image signal. This is commonly referred to as
Licensing
Watermarking.
Checksum validation can be used to satisfy which of the following requirements?
A Requirements Traceability Matrix (RTM) that includes security requirements can be used for all of the following EXCEPT
Ensure scope creep does not occur
Validate and communicate user requirements
Determine resource allocations
Identifying privileged code sections
Domain 3 During which phase of the software development lifecycle (SDLC) is threat modeling initiated?
Requirements analysis
Design
Implementation
Deployment
Certificate Authority, Registration Authority, and Certificate Revocation Lists are all part of which of the following?
Advanced Encryption Standard (AES)
Steganography
Public Key Infrastructure (PKI)
Lightweight Directory Access Protocol (LDAP)
The use of digital signatures has the benefit of providing which of the following that is not provided by symmetric key cryptographic design?
Speed of cryptographic operations
Confidentiality assurance
Key exchange
Non-repudiation
When passwords are stored in the database, the best defense against disclosure attacks can be accomplished using
encryption.
masking.
hashing.
obfuscation.
Nicole is part of the ‘author’ role as well as she is included in the ‘approver’ role, allowing her to approve her own articles before it is posted on the company blog site. This violates the principle of
least privilege.
least common mechanisms.
separation of duties
The primary reason for designing Single Sign On (SSO) capabilities is to
increase the security of authentication mechanisms
simplify user authentication.
have the ability to check each access request
allow for interoperability between wireless and wired networks.
Database triggers are PRIMARILY useful for providing which of the following detective software assurance capability?
Auditing.
Archiving
During a threat modeling exercise, the software architecture is reviewed to identify
attackers.
business impact.
critical assets
entry points.
A Man-in-the-Middle (MITM) attack is PRIMARILY an expression of which type of the following threats?
Spoofing
Tampering
Repudiation
Information disclosure
IPSec technology which helps in the secure transmission of information operates in which layer of the Open Systems Interconnect (OSI) model?
Transport.
Network
Session.
Application.
When internal business functionality is abstracted into service oriented contract based interfaces, it is PRIMARILY used to provide for
interoperability.
authentication.
authorization.
installation ease.
At which layer of the Open Systems Interconnect (OSI) model must security controls be designed to effectively mitigate side channel attacks?
Transport
Data link
Physical
Which of the following software architectures is effective in distributing the load between the client and the server, but since it includes the client to be part of the threat vectors it increases the attack surface?
Software as a Service (SaaS).
Service Oriented Architecture (SOA).
Rich Internet Application (RIA).
Distributed Network Architecture (DNA).
When designing software to work in a mobile computing environment, the Trusted Platform Module (TPM) chip can be used to provide which of the following types of information?
Identification.
When two or more trivial pieces of information are brought together with the aim of gleaning sensitive information, it is referred to as what type of attack?
Injection.
Inference.
Phishing.
Polyinstantiation.
The inner workings and internal structure of backend databases can be protected from disclosure using
triggers.
normalization.
views.
encryption
Choose the BEST answer. Configurable settings for logging exceptions, auditing and credential management must be part of
database views.
security management interfaces.
global files.
exception handling.
The token that is PRIMARILY used for authentication purposes in a Single Sign (SSO) implementation between two different companies is
Kerberos
Security Assert Markup Language (SAML)
Liberty alliance ID-FF
One Time password (OTP)
Syslog implementations require which additional security protection mechanisms to mitigate disclosure attacks?
Unique session identifier generation and exchange.
Transport Layer Security.
Digital Rights Management (DRM)
Data Loss Prevention,
Rights and privileges for a file can be granularly granted to each client using which of the following technologies
Data Loss Prevention (DLP).
Software as a Service (SaaS)
Flow control
Which of the following is known to circumvent the ring protection mechanisms in operating systems?
Cross Site Request Forgery (CSRF)
Coolboot
SQL Injection
Rootkit
When the software is designed using Representational State Transfer (REST) architecture, it promotes which of the following good programming practices?
High Cohesion
Low Cohesion
Tight Coupling
Loose Coupling
. Which of the following components of the Java architecture is primarily responsible to ensure type consistency, safety and assure that there are no malicious instructions in the code?
Garbage collector
Class Loader
Bytecode Verfier
Java Security Manager
The primary security concern when implementing cloud applications is related to
Insecure APIs
Data leakage and/or loss
Abuse of computing resources
Unauthorized access
The predominant form of malware that infects mobile apps is
Virus
Ransomware
Worm
Spyware
Most Supervisory Control And Data Acquisition (SCADA) systems are susceptible to software attacks because
they were not initially implemented with security in mind
the skills of a hacker has increased significantly
the data that they collect are of top secret classification
the firewalls that are installed in front of these devices have been breached.
Domain 4 Software developers writes software programs PRIMARILY to
create new products
capture market share
solve business problems
mitigate hacker threats
The process of combining necessary functions, variables and dependency files and libraries required for the machine to run the program is referred to as
compilation
interpretation
linking
instantiation
Which of the following is an important consideration to manage memory and mitigate overflow attacks when choosing a programming language?
Locality of reference
Type safety
Cyclomatic complexity
Parametric polymorphism
Assembly and machine language are examples of
natural language
very high-level language (VHLL)
high-level language (HLL)
low-level language
Using multifactor authentication is effective in mitigating which of the following application security risks?
Injection flaws
Cross-Site Scripting (XSS)
Buffer overflow
Man-in-the-Middle (MITM)
Impersonation attacks such as Man-in-the-Middle (MITM) attacks in an Internet application can be BEST mitigated using proper
Configuration Management.
Session Management.
Patch Management.
Exception Management.
Implementing Completely Automated Public Turing test to tell Computers and Humans Apart (CAPTCHA) protection is a means of defending against
Cross-Site Request Forgery (CSRF)
. Insecure cryptographic storage
The findings of a code review indicate that cryptographic operations in code use the Rijndael cipher, which is the original publication of which of the following algorithms?
Skipjack
Data Encryption Standard (DES)
Triple Data Encryption Standard (3DES)
Which of the following transport layer technologies can BEST mitigate session hijacking and replay attacks in a local area network (LAN)?
Data Loss Prevention (DLP)
Internet Protocol Security (IPSec)
Secure Sockets Layer (SSL)
Verbose error messages and unhandled exceptions can result in which of the following software security threats?
Code signing can provide all of the following EXCEPT
Anti-tampering protection
Authenticity of code origin
Runtime permissions for code
Authentication of users
When an attacker uses delayed error messages between successful and unsuccessful query probes, he is using which of the following side channel techniques to detect injection vulnerabilities?
Distant observation
Cold boot
Power analysis
Timing
When the code is not allowed to access memory at arbitrary locations that is out of range of the memory address space that belong to the object’s publicly exposed fields, it is referred to as which of the following types of code?
Object code
Type safe code
Obfuscated code
Source code
When the runtime permissions of the code are defined as security attributes in the metadata of the code, it is referred to as
imperative syntax security
declarative syntax security
code signing
code obfuscation
When an all-or-nothing approach to code access security is not possible and business rules and permissions need to be set and managed more granularly inline code functions and modules, a programmer can leverage which of the following?
Cryptographic agility
Declarative security
Imperative security
An understanding of which of the following programming concepts is necessary to protect against memory manipulation buffer overflow attacks? Choose the BEST answer.
Error handling
Exception management
Generics
Exploit code attempt to take control of dangling pointers which
are references to memory locations of destroyed objects.
is the non-functional code that that is left behind in the source.
is the payload code that the attacker uploads into memory to execute.
are references in memory locations that are used prior to being initialized.
Which of the following is a feature of most recent operating systems (OS) that makes it difficult for an attacker to guess the memory address of the program as it makes the memory address different each time the program is executed?
Data Execution Prevention (DEP)
Executable Space Protection (ESP)
Address Space Layout Randomization (ASLR)
Safe Security Exception Handler (/SAFESEH)
When the source code is made obscure using special programs in order to make the readability of the code difficult when disclosed, the code is also known as
object code
obfuscated code.
encrypted code.
hashed code.
The ability to track ownership, changes in code and rollback abilities is possible because of which of the following configuration management processes?
Version control
Patching
Audit logging
Change control
The MAIN benefit of statically analyzing code is that
runtime behavior of code can be analyzed.
business logic flaws are more easily detectable.
the analysis is performed in a production or production-like environment
errors and vulnerabilities can be detected earlier in the life cycle.
Cryptographic protection includes all of the following EXCEPT
encryption of data when it is processed.
hashing of data when it is stored.
hiding of data within other media objects when it is transmitted.
masking of data when it is displayed.
Replacing the Primary Account Number (PAN) with random or pseudo-random symbols that are uniquely identifiable and still assuring privacy is also known as
Fuzzing
Tokenization
Encoding
Canonicalization
Which of the following is an implementation of the principle of least privilege?
Sandboxing
Versioning
. Concurrency
Domain 5 The ability of the software to restore itself to expected functionality when the security protection that is built in is breached is also known as
redundancy.
recoverability.
resiliency.
reliability.
In which of the following software development methodologies does unit testing enable collective code ownership and is critical to assure software assurance?
Waterfall
Agile
Spiral
Prototyping
Which of the secure design principles is promoted when test harnesses are used?
Least privilege
Separation of duties
Leveraging existing components
Psychological acceptability
The use of IF-THEN rules is characteristic of which of the following types of software testing?
Logic
Scalability
Integration
Unit
The implementation of secure features such as complete mediation and data replication needs to undergo which of the following types of test to ensure that the software meets the service level agreements (SLA)?
Stress
Regression
Tests that are conducted to determine the breaking point of the software after which the software will no longer be functional is characteristic of which of the following types of software testing?
Simulation
Which of the following tools or techniques can be used to facilitate the white box testing of software for insider threats?
Source code analyzers
Fuzzers
Banner grabbing software
Scanners
When very limited or no knowledge of the software is made known to the software tester before she can test for its resiliency, it is characteristic of which of the following types of security tests?
White box
Black box
Clear box
Glass box
Penetration testing must be conducted with properly defined
rules of engagement.
role based access control mechanisms
threat models.
use cases
Testing for the randomness of session identifiers and the presence of auditing capabilities provides the software team insight into which of the following security controls?
Non-repudiation.
Disassemblers, debuggers and decompilers can be used by security testers to PRIMARILY determine which of the following types of coding vulnerabilities?
Lack of reverse engineering protection.
Cross-Site Scripting.
Broken session management.
When reporting a software security defect in the software, which of the following also needs to be reported so that variance from intended behavior of the software can be determined?
Defect identifier
Title
Expected results
Tester name
An attacker analyzes the response from the web server which indicates that its version is the Microsoft Internet Information Server 6.0 (Microsoft-IIS/6.0), but none of the IIS exploits that the attacker attempts to execute on the web server are successful. Which of the following is the MOST probable security control that is implemented?
Hashing
Cloaking
Masking
Watermarking
Smart fuzzing is characterized by injecting
truly random data without any consideration for the data structure.
variations of data structures that are known.
data that get interpreted as commands by a backend interpreter
scripts that are reflected and executed on the client browser.
Which of the following is the MOST important to ensure, as part of security testing, when the software is forced to fail x? Choose the BEST answer.
Normal operational functionality is not restored automatically.
Access to all functionality is denied.
Confidentiality, integrity and availability are not adversely impacted.
End users are adequately trained and self help is made available for the end user to fix the error on their own.
Timing and synchronization issues such as race conditions and resource deadlocks can be MOST LIKELY identified by which of the following tests? Choose the BEST answer.
The PRIMARY objective of resiliency testing of software is to determine
the point at which the software will break.
if the software can restore itself to normal business operations.
the presence and effectiveness of risk mitigation controls.
how a blackhat would circumvent access control mechanisms.
The ability of the software to withstand attempts of attackers who intend to breach the security protection that is built in is also known as
Drivers and stub based programming are useful to conduct which of the following tests?
Penetration
Assurance that the software meets the expectations of the business as defined in the service level agreements (SLAs) can be demonstrated by which of the following types of tests?
Performance
Vulnerability scans are used to
measure the resiliency of the software by attempting to exploit weaknesses.
detect the presence of loopholes and weaknesses in the software.
detect the effectiveness of security controls that are implemented in the software.
measure the skills and technical know-how of the security tester.
In the context of test data management, when a transaction which serves no business purpose is tested, it is referred to as what kind of transaction?
Non-synthetic
Synthetic
Useless
Discontinuous
As part of the test data management strategy, when a criteria is applied to export selective information from a production system to the test environment, it is also referred to as
Subletting
Filtering
Validation
Subsetting
Domain 6 Your organization has the policy to attest the security of any software that will be deployed into the production environment. A third party vendor software is being evaluated for its readiness to be deployed. Which of the following verification and validation mechanism can be employed to attest the security of the vendor’s software?
Source code review
Threat modeling the software
Black box testing
Structural analysis
To meet the goals of software assurance, when accepting software, the acquisition phase MUST include processes to
verify that installation guides and training manuals are provided.
assess the presence and effectiveness of protection mechanisms.
validate vendor’s software products.
assist the vendor in responding to the request for proposals.
The process of evaluating software to determine whether the products of a given development phase satisfies the conditions imposed at the start of the phase is referred to as
verification
validation
authentication
authorization
When verification activities are used to determine if the software is functioning as it is expected to, it provides insight into which of the following aspects of software assurance?
Redundancy
Resiliency
When procuring software the purchasing company can request the evaluation assurance levels (EALs) of the software product which is determined using which of the following evaluation methodologies?
Operationally Critical Assets Threats and Vulnerability Evaluation® (OCTAVE)
Security Quality Requirements Engineering (SQUARE)
Common Criteria
Comprehensive, Lightweight Application Security Process (CLASP)
The FINAL activity in the software acceptance process is the go/no go decision that can be determined using
regression testing.
integration testing.
unit testing.
user acceptance testing.
Management’s formal acceptance of the system after an understanding of the residual risks to that system in the computing environment is also referred to as
patching.
hardening.
certification.
accreditation.
You determine that a legacy software running in your computing environment is susceptible to Cross Site Request Forgery (CSRF) attacks because of the way it manages sessions. The business has the need to continue use of this software but you do not have the source code available to implement security controls in code as a mitigation measure against CSRF attacks. What is the BEST course of action to undertake in such a situation?
Avoid the risk by forcing the business to discontinue use of the software.
Accept the risk with a documented exception.
Transfer the risk by buying insurance.
Ignore the risk since it is legacy software
As part of the accreditation process, the residual risk of a software evaluated for deployment must be accepted formally by the
board members and executive management
business owner.
information technology (IT) management
security organization
Domain 7 When software that worked without any issues in the test environments fails to work in the production environment, it is indicative of
inadequate integration testing
incompatible environment configurations.
incomplete threat modeling.
ignored code review
Which of the following is not characteristic of good security metrics?
Quantitatively expressed
Objectively expressed
Contextually relevant
Collected manually
Removal of maintenance hooks, debugging code and flags, and unneeded documentation before deployment are all examples of software
hardening
reversing.
Which of the following has the goal of ensuring that the resiliency levels of software is always above the acceptable risk threshold as defined by the business post deployment?
Threat modeling.
Code review.
Continuous monitoring.
Regression testing.
Logging application events such as failed login attempts, sales price updates and user roles configuration for audit review at a later time is an example of which of the following type of security control?
Preventive
Corrective
Compensating
Detective
When a compensating control is to be used, the Payment Card Industry Data Security Standard (PCI DSS) prescribes that the compensating control must meet all of the following guidelines EXCEPT
Meet the intent and rigor of the original requirement.
Provide an increased level of defense than the original requirement
Be implemented as part of a defense in depth measure.
Must commensurate with additional risk imposed by not adhering to the requirement
Versioning, back-ups, check-in and check-out practices are all important components of
Patch management
Release management
Problem management
Incident management
Software that is deployed in a high trust environment such as the environment within the organizational firewall when not continuously monitored is MOST susceptible to which of the following types of security attacks? Choose the BEST answer.
Distributed Denial of Service (DDoS)
Malware
Logic Bombs
DNS poisoning
Bastion host systems can be used to continuously monitor the security of the computing environment when it is used in conjunction with intrusion detection systems (IDS) and which other security control?
Archiving.
The FIRST step in the incident response process of a reported breach is to
notify management of the security breach.
research the validity of the alert or event further
inform potentially affected customers of a potential breach.
conduct an independent third party evaluation to investigate the reported breach.
Which of the following is the BEST recommendation to champion security objectives within the software development organization?
Informing the developers that they could lose their jobs if their software is breached.
Informing management that the organizational software could be hacked.
Informing the project team about the recent breach of the competitor’s software.
Informing the development team that there should be no injection flaws in the payroll application.
Which of the following independent process provides insight into the presence and effectiveness of security and privacy controls and is used to determine the organization’s compliance with the regulatory and governance (policy) requirements?
Penetration testing
Audits
Code review
The process of using regular expressions to parse audit logs into information that indicate security incidents is referred to as
correlation.
collection.
visualization.
The FINAL stage of the incident management process is to
detection.
containment.
eradication
recovery
Problem management aims to improve the value of Information Technology to the business because it improves service by
restoring service to the expectation of the business user
determining the alerts and events that need to be continuously monitored.
depicting incident information in easy to understand user friendly format.
identifying and eliminating the root cause of the problem
The process of releasing software to fix a recently reported vulnerability without introducing any new features or changing hardware configuration is referred to as
versioning.
porting.
Fishbone diagramming is a mechanism that is PRIMARILY used for which of the following processes?
Requirements analysis.
Network deployment.
Root cause analysis.
As a means to assure the availability of the existing software functionality after the application of a patch, the patch need to be tested for
the proper functioning of new features
cryptographic agility
backward compatibility.
the enabling of previously disabled services
Which of the following policies needs to be established to securely dispose software and associated data and documents?
End-of-life.
Vulnerability management.
Privacy.
Data classification.
Discontinuance of a software with known vulnerabilities with a newer version is an example of risk
Printer ribbons, facsimile transmissions and printed information when not securely disposed are susceptible to disclosure attacks by which of the following threat agents? Choose the BEST answer.
Dumpster divers
Social engineers
Script kiddies.
System resources can be protected from malicious file execution attacks by uploading the user supplied file and running it in which of the following environment?
Honeypot
Sandbox
Simulated
Production
As a means to demonstrate the improvement in the security of code that is developed, one must compute the relative attack surface quotient (RASQ)
at the end of development phase of the project
before and after the code is implemented.
before and after the software requirements are complete.
at the end of the deployment phase of the project.
Modifications to data directly in the database by developers must be prevented by
periodically patching database servers
implementing source code version control.
logging all database access requests.
proper change control management.
Which of the following documents is the BEST source to contain damage and which needs to be referred to and consulted with upon the discovery of a security breach?
Disaster Recovery Plan.
Project Management Plan.
Incident Response Plan.
Quality Assurance and Testing Plan.
Domain 8 The increased need for security in the software supply chain is PRIMARILY attributed to
cessation of development activities within a company
increase in the number of foreign trade agreements
incidences of malicious code and logic found in acquired software
decrease in the trust of consumers on software developed within a company.
Which phase of the acquisition life cycle involves the issuance of advertisements to source and evaluate suppliers?
Contracting
Planning
Development
Delivery (Handover
Predictable execution means that the software demonstrates all the following qualities EXCEPT?
Authenticity
Conformance
Trustworthiness
Which of the following is a process threat in the software supply chain?
Counterfeit software
Insecure code transfer
Subornation
Piracy
In the context of the software supply chain, the principle of persistent protection is also known as
End-to-end encryption
Location agnostic protection
In pre-qualifying a supplier, which of the following must be assessed to ensure that the supplier can provide timely updates and hotfixes when an exploitable vulnerability in their software is reported?
Foreign ownership and control or influence
Security track record
Security knowledge of the supplier’ s personnel
Compliance with security policies, regulatory and privacy requirements.
Which of the following can provide insight into the effectiveness and efficiencies of the supply chain processes as it pertains to assuring trust and software security?
Key Performance Indicators (KPI)
Relative Attack Surface Quotient (RASQ)
Maximum Tolerable Downtime (MTD)
Requirements Traceability Matrix (RTM)
Which of the following contains the security requirements and the evidence needed to prove that the acquirer requirements are met as expected?
Software Configuration Management Plan
Minimum Security Baseline
Service Level Agreements
Assurance Plan
The difference between disclaimer-based protection and contractsbased is that
Contracts-based protection is mutual.
Disclaimer-based protection is mutual
Contracts-based protection is done by one-sided notification of terms
Disclaimer-based protection is legally binding.
Software programs, database models and images on a website can be protected using which of the following legal instrument?
Patents
Copyright
Trademarks
Trade secret
You find out that employees in your company have been downloading software files and sharing them using peer-to-peer based torrent networks. These software files are not free and need to be purchase from their respective manufacturers. You employee are violating
Trade secrets
Copyrights
Which of the following legal instruments assures the confidentiality of software programs, processing logic, database schema and internal organizational business processes and client lists?
Standards
Service Level Agreements (SLA)
When source code of Commercially Off-The-Shelf (COTS) software is escrowed and released under a free software or open source license when the original developer (or supplier) no longer continues to develop that software, that software is referred to as
Trialware
Demoware
Freeware
Improper implementation of validity periods using length-of-use checks in code can result in which of the following types of security issues for legitimate users?
Denial of Service
Authentication bypass
Your organization’s software is published as a trial version without any restricted functionality from the paid version. Which of the following MUST be designed and implemented to ensure that customers who have not purchased the software are limited in the availability of the software?
Disclaimers
Validity periods
Encryption
When must the supplier inform the acquirer of any applicable export control and foreign trade regulatory requirements in the countries of export and import?
Before delivery (handover)
Before code inspection.
After deployment.
Before retirement.
The disadvantage of using open source software from a security standpoint is
Only the original publisher of the source code can modify the code
Open source software is not supported and maintained by mature companies or communities.
The attacker can look into the source code to determine its exploitability.
Open source software can only be purchased using a piece-meal approach.
Which of the following is the most important security testing process that validates and verifies the integrity of software code, components and configurations, in a software security chain?
Which of the following is LEAST likely to be detected using a code review process?
Backdoors
Logic Flaws
Trojan horses
Which of the following security principle is LEAST related to the securing of code repositories?
Access Control
Open Design
The integrity of build tools and the build environment is necessary to protect against
spoofing
tampering
disclosure
denial of service
Which of the following kind of security testing tool detects the presence of vulnerabilities through disassembly and pattern recognition?
Source code scanners
Binary code scanners
Byte code scanners
Compliance validators
When software is developed by multiple suppliers, the genuineness of the software can be attested using which of the following processes?
Code signing
Code scanning
Which of the following must be controlled during handoff of software from one supplier to the next, so that no unauthorized tampering of the software can be done?
Chain of custody
Separation of privileges
System logs
Application data
Which of the following risk management concepts is demonstrated when using code escrows?
Avoidance
Transference
Mitigation
Acceptance
Which of the following types of testing is crucial to conduct to determine single points of failure in a System-of-systems (SoS)?
When software is handed from one supplier to the next, the following operational process needs to be in place so that the supplier from whom the software is acquirer can no longer modify the software?
Runtime integrity assurance
Termination Access Control
Custom Code Extension Checks
