Software Assurance & Security: SDLC Models and Agile Methodology

Questions and Answers

What is the main goal of ensuring integrity in cybersecurity?

Preserve consistency in internal and external data

Prevent unauthorized access to data

Prevent unauthorized changes to data, software, or applications (correct)

Ensure that computer system components are accessible when needed

Which of the following is an example of a threat to availability in cybersecurity?

Unauthorized access to sensitive information

Denial of service (DoS) attack on a computer CPU (correct)

Data breach resulting in loss of confidentiality

Inconsistency between internal and external data

What makes confidentiality easy to assess in terms of success?

Binary nature: Yes or No (correct)

Continuous monitoring

Complex encryption algorithms

Regular security audits

Which of the following is NOT a goal of ensuring integrity in cybersecurity?

Ensure availability of computer system components

Why is integrity essential to cybersecurity?

To prevent unauthorized changes to data, software, or applications

What is the main focus of Software Assurance?

Ensuring software is free of vulnerabilities

What does the term 'Trustworthiness' in Software Assurance refer to?

Absence of exploitable vulnerabilities

In the context of software security, what does the CIA Triad stand for?

Confidentiality, Integrity, Availability

What aspect of software security does the term 'Confidentiality' address?

Limiting access to data on a 'need to know' basis

Why is it important to understand what 'secure' means before attempting to secure software?

To avoid unintentionally inserting vulnerabilities