Secure Software Development Chapter 1: Objectives and Concepts

Questions and Answers

What is the primary focus of the SDLC methodology in software development?

• Maximizing the design phase
• Minimizing the attack surface area
• Accounting for security in each phase (correct)
• Improving the coding phase

What is the purpose of threat modeling in the SDLC design phase?

• To identify potential vulnerabilities (correct)
• To authenticate and manage passwords
• To minimize the attack surface area
• To analyze security and privacy risks

What is the primary purpose of the testing phase in the SDLC methodology?

• To implement the design
• To analyze security and privacy risks
• To detect potential vulnerabilities (correct)
• To maintain software upgrades

What is the main goal of privacy compliance laws?

To meet legal requirements for personal information (B)

Which of the following is NOT a phase of the SDLC methodology?

Deployment phase (B)

What is the primary purpose of enumerations of known software vulnerabilities in the SDLC coding phase?

To check software for vulnerabilities (A)

What is the primary focus of the Agile methodology in software development?

Iterative and incremental development (B)

What is the primary purpose of white-box testing in software development?

To test software with complete knowledge of the internal workings (A)

Which of the following is NOT a type of testing methodology in software development?

Requirements testing (C)

What is the primary purpose of the maintenance phase in the SDLC methodology?

To maintain software upgrades and repairs (D)

Flashcards are hidden until you start studying