Secure Software Development Life Cycle (SDLC) Quiz

Questions and Answers

What percentage of security vulnerabilities exist at the application layer according to Gartner?

• Exactly 100%
• Less than 30%
• Around 50%
• Over 70% (correct)

According to NIST, when are many software security weaknesses introduced?

• At the testing phase
• At the maintenance phase
• At the implementation phase (correct)
• At the design phase

How many vulnerabilities are developers responsible for in the OWASP Top 10?

• None
• Exactly 10
• At least 6 (correct)
• At most 3

What was the cost of poor quality software in the US in 2018 approximately?

$2.84 trillion (D)

When did the unmanned Ariane 5 rocket explosion occur?

June 4, 1996 (B)

What percentage of security vulnerabilities exist at the application layer according to Gartner?

Over 70% (B)

What was the cost of poor quality software in the US in 2018 approximately?

$2.84 trillion (B)

When did the unmanned Ariane 5 rocket explosion occur?

June 4, 1996 (A)

According to NIST, when are many software security weaknesses introduced?

Implementation phase (D)

How much did the unmanned Ariane 5 rocket's development cost?

$7 billion (C)

Flashcards

Application Layer Vulnerabilities

Over 70% of security vulnerabilities exist at the application layer according to Gartner.

Introduction of Security Weaknesses

Many software security weaknesses are introduced during the implementation phase according to NIST.

OWASP Top 10 Responsibilities

Developers are responsible for at least 6 vulnerabilities in the OWASP Top 10.

Cost of Poor Quality Software (2018)

The approximate cost of poor quality software in the US in 2018 was $2.84 trillion.

Ariane 5 Rocket Explosion Date

The unmanned Ariane 5 rocket explosion occurred on June 4, 1996.

Ariane 5 Development Cost

The development of the unmanned Ariane 5 rocket cost approximately $7 billion.

Gartner's Vulnerability Percentage

Gartner reports that over 70% of security vulnerabilities are at the application layer.

NIST Vulnerability Timing

NIST indicates that many vulnerabilities arise at the implementation phase.

OWASP Top 10 Overview

The OWASP Top 10 lists the most critical web application security risks.

Economic Impact of Software Failures

The economic impact of poor software quality highlights financial losses due to vulnerabilities.

Study Notes

Security Vulnerabilities

• Gartner reports that approximately 90% of security vulnerabilities exist at the application layer.
• NIST highlights that many software security weaknesses are introduced during the design and coding phases.

Developer Responsibility

• Developers are responsible for a significant number of vulnerabilities identified in the OWASP Top 10, which indicates common security issues in web applications.

Financial Impact of Software Quality

• The cost of poor quality software in the United States in 2018 was estimated to be around $2.84 trillion.

Ariane 5 Rocket Incident

• The unmanned Ariane 5 rocket explosion occurred on June 4, 1996.
• The development cost of the Ariane 5 rocket was approximately $7 billion.