Issay - longtest- finals

Questions and Answers

stage in the software engineering process at which an executable software system is developed.

• Software design and implementation (correct)
• Testing
• Architectural design
• The Model-View-Controller(MVC) Pattern

concerned with understanding how a software system should be organized and designing overall structure of that system

• Layered architecture
• Repository architecture
• Architectural design (correct)
• Client–server architecture

Non-functional requirements of the system

• Performance , Security , Safety, Accessibility, Maintainability
• Performance , Sovereignty, Safety, Availability, Maintainability
• Productivity, Security , Safety, Availability, Maintainability
• Performance , Security , Safety, Availability, Maintainability (correct)

Non-functional requirements of the system: architecture should be designed to localize critical operations within small number of components

Performance (A)

Non-functional requirements of the system: a layered structure for the architecture should be used, with the most critical assets protected in the innermost layers

Security (B)

Non-functional requirements of the system: architecture should be designed using fine-grain, self-contained components readily be changed.

Maintainability (D)

Non-functional requirements of the system: architecture should be designed so that safety-related operations are co-located in a single component

Safety (C)

Non-functional requirements of the system: architecture should be designed to include redundant components

Availability (C)

Non-functional requirements of the system

Performance , Security , Safety, Availability, Maintainability (C)

ARCHITECTURAL VIEWS

Logical view, Process view, Development view, Physical view (A)

ARCHITECTURAL VIEWS: shows the key abstractions in the system as objects or object classes.

Logical view (A)

Architectural view: shows the system hardware and how software components are distributed across the processors

Physical view (D)

ARCHITECTURAL VIEWS: shows how, at runtime, the system is composed of interacting processes.

Process view (B)

ARCHITECTURAL VIEWS: - shows how the software is decomposed for development

Development view (C)

ARCHITECTURAL VIEWS

Logical view, Process view, Development view, Physical view (D)

Separates presentation and interaction from the system data.

The Model-View-Controller(MVC) Pattern (D)

layered approach supports incremental development of systems.

Layered architecture (B)

The majority of systems that use large amounts of data are organized around a shared database or repository.

Repository architecture (B)

illustrates a commonly used runtime organization for distributed systems.

Client–server architecture (C)

Application systems are intended to meet a business or an organizational need.

Application architectures (D)

designed to process user requests for information from a database, or requests to update a database.

Transaction processing systems (A)

All systems that involve interaction with a shared database

Information systems (A)

translate one language into an alternative representation of that language and, for programming languages, may also execute the resulting code.

Language processing systems (B)

made up of interacting objects that maintain their own local state and provide operations on that state.

Object-oriented system (C)

By this stage in the design process, you should have some ideas about the essential objects in the system that you are designing.

Object class identification (A)

involve developing programs in high- or low-level programming languages.

Implementation (D)

Aspects of implementation

Reuse, Configuration management, Host-target development (D)

Aspects of implementation: Production software does not usually execute on the same computer as the software development environment.

Host-target development (C)

-Aspects of implementation: Most modern software is constructed by reusing existing components or systems.

Reuse (A)

Aspects of implementation: During the development process, many different versions of each software component are created

Configuration management (B)

Aspects of implementation

Reuse, Configuration management, Host-target development (B)

Fundamental principle of open-source development is that source code should be freely available, this does not mean that anyone can do as they wish with that code.

Open-source licensing (C)

intended to show that a program does what it is intended to do and to discover program defects before it is put into use.

Testing (A)

all testing activities that are carried out.

Development testing (C)

3 stages of development testing

Unit testing, Component testing, System testing (C)

3 stages of development testing: process of testing program components, such as methods or object classes.

Unit testing (A)

3 stages of development testing: where components integrated and the system is tested as a whole.

System testing (C)

3 stages of development testing: where several individual units integrated to create composite components.

Component testing (A)

3 stages of development testing

Unit testing, Component testing, System testing (B)

process of testing a particular release of a system that is intended for use outside of the development team.

Release testing (C)

-3 types of user testing

Alpha testing, Beta testing, Acceptance testing (C)

3 types of user testing: larger group allow to experiment and raise problems they discover

Beta testing (B)

3 types of user testing: selected group test early releases of the software.

Alpha testing (B)

3 types of user testing: customers test to decide whether or not it is ready

Acceptance testing (C)

3 types of user testing

Alpha testing, Beta testing, Acceptance testing (D)

As computer systems have become deeply embedded in our business and personal lives, the problems that result from system and software failure are increasing.

Dependable Systems (A)

Reason of Dependability of systems more important:

System failures, Users often reject systems, System failure costs, Undependable systems (C)

Reason of Dependability of systems more important:may cause information loss Data is very expensive to collect and maintain

Undependable systems (D)

Reason of Dependability of systems more important: that are unreliable, unsafe, or insecure

Users often reject systems (B)

Reason of Dependability of systems more important: affect large number of people Many systems include functionality that is rarely used.

System failures (A)

Reason of Dependability of systems more important:may be enormous For some applications, such as a reactor control system or an aircraft navigation system, the cost of system failure is orders of magnitude greater than the cost of the control system.

System failure costs (B)

Reason of Dependability of systems more important:

System failures, Users often reject systems, System failure costs, Undependable systems (A)

Designing a dependable system to consider:

Hardware failure, Software failure, Operational failure (C)

Designing a dependable system to consider :because of mistakes in its design, because of environmental factors; dampness or high temperatures

Hardware failure (B)

Designing a dependable system to consider: Human users may fail to use or operate the system as intended by its designers.

Operational failure (C)

Designing a dependable system to consider: because of mistakes in its specification, design, or implementation.

Software failure (B)

Designing a dependable system to consider:

Hardware failure, Software failure, Operational failure (B)

The dependability of a computer system is a property of the system that reflects its trustworthiness.

Dependability Properties (B)

Fault–error–failure model (Brian Randell) defined;

Human error or mistake, System fault, System error, System failure (A)

Fault–error–failure model (Brian Randell) defined; characteristic of a software system that can lead to a system error.

System fault (B)

Fault–error–failure model (Brian Randell) defined; event occurs at some point when system does not deliver service as expected by users.

System failure (D)

Fault–error–failure model (Brian Randell) defined;Human behavior that results faults into system.

. Human error or mistake - (A)

Fault–error–failure model (Brian Randell) defined;erroneous system state during execution that lead to system behavior that is unexpected by system users

System error (C)

Fault–error–failure model (Brian Randell) defined;

Human error or mistake, System fault, System error, System failure (B)

2 types of Dependability Requirements

Functional requirements, Non-functional requirements (D)

---2 types of Dependability Requirements: Define checking and recovery facilities thatshould be included in the system and features that provide protection against system failures and external attacks.

Functional requirements (A)

---2 types of Dependability Requirements---- Define the required reliability and availability of the system.

Non-functional requirements (B)

4 types of functional reliability requirement

Checking requirements, Recovery requirements , Redundancy requirements , Process requirements (D)

---4 types of functional reliability requirements--- geared to helping the system recover after a failure has occurred.

Recovery requirement (B)

---4 types of functional reliability requirements---fault-avoidance requirements, which ensure that good practice is used in the development process.

Process requirements (D)

---4 types of functional reliability requirements--- identify checks on inputs to system to ensure that incorrect or out-of-range inputs are detected before processed by system.

Checking requirements (A)

---4 types of functional reliability requirements--- specify redundant features of the system ensure that single component failure not lead to a complete loss of service.

Redundancy requirements (C)

---4 types of functional reliability requirements---

Checking requirements, Recovery requirements , Redundancy requirements , Process requirements (A)

Systems in which it is essential that system operation is always safe.

Safety-critical systems (C)

4 activities in a hazard-driven safety specification process:

Hazard identification, Hazard assessment, Hazard analysis, Risk reduction (D)

4 activities in a hazard-driven safety specification process: focuses on understanding factors lead to occurrence of hazard and consequences if incident associated with that hazard should occur.

Hazard assessment (B)

4 activities in a hazard-driven safety specification process: identifies hazards that may threaten the system.

Hazard identification (A)

4 activities in a hazard-driven safety specification process: This process is based on the outcome of hazard analysis and leads to identification of safety requirements.

Risk reduction (D)

4 activities in a hazard-driven safety specification process: -root-cause analysis that identifies the events lead to occurrence of hazard.

Hazard analysis (C)

Hazard identification, Hazard assessment, Hazard analysis, Risk reduction (D)

3 risk categories that are used in hazard assessment

Intolerable risks, As low as reasonably practical (ALARP) risks,Acceptable risks (A)

----3 risk categories that are used in hazard assessment---
those that have less serious consequences or that are serious but have a very low probability of occurrence.

As low as reasonably practical (ALARP) risks (B)

----3 risk categories that are used in hazard assessment---\ those that threaten human life.

As low as reasonably practical (ALARP) risks (A)

----3 risk categories that are used in hazard assessment---
those associated accidents normally result in minor damage.

Acceptable risks (C)

----3 risk categories that are used in hazard assessment---\

Intolerable risks, As low as reasonably practical (ALARP) risks,Acceptable risks (C)

---Software failures lead to an incorrect dose of insulin, “solutions” might be developed---

Arithmetic error, Algorithmic error (C)

---Software failures lead to an incorrect dose of insulin, “solutions” might be developed--- there is no clear program exception that must be handled.

Algorithmic error (B)

---Software failures lead to an incorrect dose of insulin, “solutions” might be developed--- occur when an arithmetic computation causes a representation failure.

Arithmetic error (A)

set of activities that check that a system will operate safely.

Safety assurance (C)

Formally verifying programs using a deductive approach is difficult and expensive, but alternative approaches to formal analysis have been developed that are based on a more restricted notion of correctness.

Model checking (B)

set of documents that includes a description of the system to be certified

Safety case (A)

The widespread adoption of the Internet in the 1990s introduced a new challenge for software engineers—designing and implementing systems that were secure.

Security Engineering (B)

---3 security dimensions---

Confidentiality, Integrity, Availability (C)

---3 security dimensions---Access to a system or its data that is normally available may not be possible.

Availability (C)

---3 security dimensions--Information in a system may be disclosed or made accessible to people or programs that are not authorized to have access to that information.

Confidentiality (C)

---3 security dimensions---may be damaged or corrupted, making it unusual or unreliable.

Integrity (A)

3 security dimensions

Confidentiality, Integrity, Availability (C)

3 level of security

Infrastructure security, Application security, Operational security (A)

3 level of security: concerned with the secure operation and use of the organization’s systems

Operational security (C)

3 level of security: concerned with maintaining the security of all systems and networks that provide an infrastructure and a set of shared services to the organization.

Infrastructure security (A)

3 level of security: concerned with the security of individual application systems or related groups of systems.

Application security (A)

3 level of security

Infrastructure security, Application security, Operational security (C)

system attribute that reflects the ability of the system to protect itself from malicious internal or external attacks.

Security (A)

---The controls that you might put in place to enhance system security are based on the fundamental notions of avoidance, detection, and recovery----

Vulnerability avoidance, Attack detection and neutralization, Exposure limitation and recovery (B)

Controls that support recovery from problems.

Exposure limitation and recovery (C)

Controls that are intended to detect and repel attacks.

Attack detection and neutralization (B)

Controls that are intended to ensure that attacks are unsuccessful.

Vulnerability avoidance (A)

Building secure systems is expensive and uncertain. It is impossible to predict costs of security failure, so companies find it difficult to judge how much should spend on system security

Security and Organizations (A)

Organizational activities focus on identifying and understanding risks to information assets (systems and data) in organization.

Security risk assessment (B)

---3 stages of risk assessment---

Preliminary risk assessment, Design risk assessment, Operational risk assessment (C)

---3 stages of risk assessment---during development life cycle and is informed by the technical system design and implementation decisions.

Design risk assessment (B)

---3 stages of risk assessment--- to identify generic risks that are applicable to system

Preliminary risk assessment (B)

---3 stages of risk assessment---focuses on use of system and possible risks that can arise.

Operational risk assessment (A)

---3 stages of risk assessment---

Preliminary risk assessment, Design risk assessment, Operational risk assessment (D)

The specification of security requirements for systems has much in common with the specification of safety requirements. You cannot specify safety or security requirements as probabilities.

Security Requirements (A)

System designers have to find a balance between security, performance, and usability

Secure systems design (A)

Secure system design means designing security into an application system.

Secure systems programming (C)

impossible to avoid system failures and so is concerned with limiting the costs of these failures and recovering from them.

Resilience engineering (C)

---3 Concepts fundamental to resilience planning---

Assets, Threats, Attacks (A)

---3 Concepts fundamental to resilience planning---circumstances can cause harm by damaging or stealing organizational IT infrastructure or system assets.

Threats (B)

---3 Concepts fundamental to resilience planning--- systems and data that have to be protected.

Assets (B)

---3 Concepts fundamental to resilience planning---manifestations of threat where attacker aims to damage or steal websites or personal data.

Attacks (A)

---3 Concepts fundamental to resilience planning---

Assets, Threats, Attacks (A)

can resist and recover from adverse incidents such as software failures and cyberattacks.

Resilient systems (D)

---Examples of controls that may be used ---

Authentication , Encryption, Firewalls (C)

---Examples of controls that may be used ---where incoming network packets are examined, then accepted or rejected according to a set of organizational rules.

Firewalls (A)

---Examples of controls that may be used --- where data is algorithmically scrambled

Encryption (A)

---Examples of controls that may be used --- users of system have to show that they are authorized to access the system.

Authentication (A)

---Examples of controls that may be used ---

Authentication , Encryption, Firewalls (D)