42 Questions
Which phase of the bathtub curve is characterized by a constant failure rate?
Normal operating phase
What is the primary cause of failures during the wear-out phase?
Aging or wear-out mechanisms
Which of the following is not a phase of the bathtub curve?
Burn-in phase
What is the primary goal of exception handling?
To handle unexpected events
Which software quality model is not mentioned among the options?
CMM model
What is MTTF an abbreviation for?
Mean time to failure
How many product quality factors are proposed in McCall quality model?
8
What is the 'Useful Life' phase of the 'bathtub curve' characterized by?
Constant failure rate
What is software reliability defined as?
Time to failure
Time Behavior and Resource Behavior fall under which quality attribute of ISO 9126?
Efficiency
How are reliability and failure intensity related?
Direct relation
What is the main goal of combining historical data and systematic techniques in software project estimation?
To improve estimation accuracy
Who is responsible for designing security into a system?
System designers
What is the main benefit of using diverse technologies in distributed systems?
Increased system availability
What is social engineering in the context of system security?
A way to fool accredited users into giving away secret information
Why is it difficult to protect against social engineering in large organizations?
Due to the hierarchical structure and lack of personal relationships
What is infrastructure security engineering responsible for?
Configuring existing infrastructure to conform to security policies
What is the goal of application security engineering?
To design security into a system
What is the main advantage of distributing assets in a distributed system?
Increased system availability
What is the primary focus of configuration management policies and processes?
Recording and processing proposed system changes
What is the purpose of process analysis in process improvement?
To identify process weaknesses and bottlenecks
What is the relationship between the attribute that can be measured and the external quality attribute?
Dependent
What is the most significant factor that affects the accuracy and efficacy of estimates?
Project size
What describes the data and control to be processed?
Software scope
What is the approach to requirements gathering that encourages the creation of a joint team of customers and developers?
FAST
What is the primary objective of configuration management?
To record and process proposed system changes
What is the outcome of process analysis in process improvement?
Identification of process weaknesses and bottlenecks
What is the primary goal of the resistance strategy in enhancing system survivability?
To prevent attacks from being successful in the first place
Why might you recommend against software reuse in critical applications?
Because source code may not be available for review and testing
What is a potential risk of using COTS components?
Incompatible event/data model with other systems
What is the primary goal of the recognition strategy in enhancing system survivability?
To recognize attacks as they occur and respond quickly
In what circumstances might you recommend against software reuse?
When the business status of the code provider is dubious
What is the primary goal of the recovery strategy in enhancing system survivability?
To quickly recover from successful attacks and restore normal system service
What is a potential risk of using COTS components?
Inadequate performance when integrated with other systems
Why might you recommend against software reuse in systems where performance is critical?
Because specially developed code can be made more efficient
What is the main reason why it is practically impossible to validate reliability specifications when these are expressed in terms of a very small number of failures over the total lifetime of a system?
The number of failures is so low that it would take an unrealistically large amount of time to gather statistically valid failure data
Which of the following is a circumstance where software reuse is not recommended?
In small systems where the costs of reuse are comparable to the savings
What is a potential additional cost that may arise when deploying software as a service?
Increased maintenance costs
What is the main distinction between application security engineering and infrastructure security engineering?
Application security engineering focuses on securing applications, while infrastructure security engineering focuses on securing the underlying infrastructure
Why might a reliable system be unsafe?
Because a system can be reliable but still have safety vulnerabilities
In what type of system would software reuse not be recommended, even if source code is available?
High-performance systems
Why might deploying software as a service reduce IT support costs for a company?
Because it reduces the need for IT support
Study Notes
Bathtub Curve Phases
- The infant mortality phase is characterized by a high initial failure rate.
- The primary cause of failures during the infant mortality phase is defects in materials or manufacturing.
Constant Failure Rate Phase
- The constant failure rate phase is characterized by a constant failure rate.
Wear-Out Phase
- The primary cause of failures during the wear-out phase is deterioration due to aging.
Non-Phases of the Bathtub Curve
- There is no "random failure phase" in the bathtub curve.
Exception Handling
- Exception handling is a type of forward error recovery mechanism.
Software Quality Models
- ISO 9000 is not a software quality model.
- McCall model and Boehm model are software quality models.
Reliability
- MTTF stands for Mean Time To Failure.
- Reliability is defined as the ability of a system to perform its required functions under stated conditions for a specified period of time.
- Reliability and failure intensity are inversely related.
CMM Model
- CMM (Capability Maturity Model) is a technique to improve the software process.
Security
- Configuration management policies and processes define how to record and process proposed system changes.
- An independent relationship must not exist between the attribute that can be measured and the external quality attribute.
- Social engineering is when accredited users of a system are fooled into giving away secret information.
- It is difficult to protect against social engineering in large organizations because of their hierarchical structure and size.
Estimation
- Project size is an important factor that can affect the accuracy and efficacy of estimates.
- Software scope describes the data and control to be processed.
- Facilitated Application Specification Techniques (FAST) is a team-oriented approach to requirements gathering.
Application and Infrastructure Security Engineering
- Application security engineering is the responsibility of system designers who design security into the system.
- Infrastructure security engineering is the responsibility of system managers or administrators who configure the existing infrastructure software.
Diversity in Distributed Systems
- Diverse technologies provide protection against common vulnerabilities in different elements of the distributed system.
- Distributing assets so that attacks on one element do not disable the entire system enhances availability.
Survivability Strategies
- Resistance involves built-in mechanisms to resist attacks.
- Recognition involves recognizing that an attack is underway.
- Recovery involves built-in features to support recovery and resume normal system service quickly after a successful attack.
Software Reuse
- Software reuse is not recommended in certain circumstances, including:
- If the business status of the code provider is dubious.
- In critical applications where source code is not available.
- In small systems where the costs of reuse are comparable to the savings.
- In systems where performance is a critical requirement.
COTS Risks
- Risks that can arise when systems are constructed using COTS include:
- Vendor risks (e.g., failure of vendor to provide support).
- Product risks (e.g., incompatibility with other systems).
Reliability and Safety
- A reliable system can still be unsafe, and vice versa.
- It is practically impossible to validate reliability specifications when these are expressed in terms of a very small number of failures over the total lifetime of a system.
Test your knowledge of hardware reliability and the bathtub curve, a concept that describes the failure rate of a product over time.
Make Your Own Quizzes and Flashcards
Convert your notes into interactive study material.
Get started for free