The Systems Security Engineering Capability Maturity Model (SSE CMM®) is an internationally recognized standard that publishes guidelines to

B. evaluate security engineering practices and organizational management processes.

A. provide metrics for measuring the software and its behavior, and using the software in a specific context of use.

C. support accreditation and certification bodies that audit and certify information security management systems.

D. ensure that the claimed identity of personnel are appropriately verified

Which of the following is a framework that can be used to develop a risk based enterprise security architecture by determining security requirements after analyzing the business initiatives.

B. Sherwood Applied Business Security Architecture (SABSA)

A. Capability Maturity Model Integration (CMMI)

C. Control Objectives for Information and related Technology (COBIT®)

Which of the following is a PRIMARY consideration for the software publisher when selling Commercially Off the Shelf (COTS) software?

A. Service Level Agreements (SLAs).

B. Intellectual Property protection.

D. Review of the code for backdoors and Trojan horses.

The Single Loss Expectancy can be determined using which of the following formula?

C. Asset Value x Exposure Factor

A. Annualized Rate of Occurrence (ARO) x Exposure Factor

D. Annualized Rate of Occurrence (ARO) x Asset Value

csslp-1

Authored by kalki disuza

English

1st - 5th Grade

Used 1+ times

AI Actions

Add similar questions

Adjust reading levels

Convert to real-world scenario

Translate activity

More...

Content View

Student View

15 questions

Show all answers

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

The PRIMARY reason for incorporating security into the software development life cycle is to protect

A. the unauthorized disclosure of information.

B. the corporate brand and reputation.

C. against hackers who intend to misuse the software.

D. the developers from releasing software with security defects.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

The resiliency of software to withstand attacks that attempt modify or alter data in an unauthorized manner is referred to as

A. Confidentiality.

B. Integrity.

C. Availability.

D. Authorization.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

The MAIN reason as to why the availability aspects of software must be part of the organization’s software security initiatives is:

A. software issues can cause downtime to the business.

B. developers need to be trained in the business continuity procedures.

C. testing for availability of the software and data is often ignored.

D. hackers like to conduct Denial of Service (DoS) attacks against the organization

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Developing the software to monitor its functionality and report when the software is down and unable to provide the expected service to the business is a protection to assure which of the following?

A. Confidentiality.

B. Integrity.

C. Availability.

D. Authentication

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

When a customer attempts to log into their bank account, the customer is required to enter a nonce from the token device that was issued to the customer by the bank. This type of authentication is also known as which of the following?

A. Ownership based authentication.

B. Two factor authentication.

C. Characteristic based authentication.

D. Knowledge based authentication

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Multi-factor authentication is most closely related to which of the following security design principles?

A. Separation of Duties.

B. Defense in depth.

C. Complete mediation.

D. Open design

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Audit logs can be used for all of the following EXCEPT

A. providing evidentiary information.

B. assuring that the user cannot deny their actions.

C. detecting the actions that were undertaken.

D. preventing a user from performing some unauthorized operations.

Access all questions and much more by creating a free account

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Classlink

Continue with Clever

or continue with

Microsoft

Apple

Others

Already have an account?

Similar Resources on Wayground

10 questions

Week 1 - Holiday homework

Quiz

•

3rd Grade

20 questions

English 4

Quiz

•

4th - 5th Grade

10 questions

THE DONKEY & I HAD LITTLE PONY (POEM)

Quiz

•

4th Grade

12 questions

Rhyming Quiz

Quiz

•

3rd Grade

16 questions

Singular and Plural sentences

Quiz

•

KG - 2nd Grade

20 questions

POETRY REVIEW

Quiz

•

5th Grade

10 questions

A Lion To Guard Us, chapter 23-Historical Note

Quiz

•

5th - 6th Grade

20 questions

In Context

Quiz

•

5th - 9th Grade

Popular Resources on Wayground

20 questions

Math Review

Quiz

•

3rd Grade

15 questions

Fast food

Quiz

•

7th Grade

20 questions

Context Clues

Quiz

•

6th Grade

20 questions

Inferences

Quiz

•

4th Grade

19 questions

Classifying Quadrilaterals

Quiz

•

3rd Grade

20 questions

Figurative Language Review

Quiz

•

6th Grade

20 questions

Equivalent Fractions

Quiz

•

3rd Grade

10 questions

Identify Fractions, Mixed Numbers & Improper Fractions

Quiz

•

3rd - 4th Grade

Discover more resources for English

20 questions

Inferences

Quiz

•

4th Grade

18 questions

Brain Teasers

Quiz

•

4th Grade

14 questions

Context Clues

Quiz

•

4th - 6th Grade

20 questions

Context Clues

Quiz

•

5th Grade

41 questions

Reading Practice - Comprehension

Quiz

•

3rd Grade

20 questions

Parts of Speech

Quiz

•

5th Grade

20 questions

Figurative Language Review

Quiz

•

4th Grade

20 questions

Reading & Test Testing Strategies

Quiz

•

3rd - 5th Grade

csslp-1

The PRIMARY reason for incorporating security into the software development life cycle is to protect

The resiliency of software to withstand attacks that attempt modify or alter data in an unauthorized manner is referred to as

The MAIN reason as to why the availability aspects of software must be part of the organization’s software security initiatives is:

Developing the software to monitor its functionality and report when the software is down and unable to provide the expected service to the business is a protection to assure which of the following?

When a customer attempts to log into their bank account, the customer is required to enter a nonce from the token device that was issued to the customer by the bank. This type of authentication is also known as which of the following?

Multi-factor authentication is most closely related to which of the following security design principles?

Audit logs can be used for all of the following EXCEPT

Organizations often pre-determine the acceptable number of user errors before recording them as security violations. This number is otherwise known as:

A security principle that maintains the confidentiality, integrity and availability of the software and data, besides allowing for rapid recovery to the state of normal operations, when unexpected events occur is the security design principle of

Requiring the end user to accept an ‘AS-IS’ disclaimer clause before installation of your software is an example of risk

Access all questions and much more by creating a free account

Similar Resources on Wayground

Popular Resources on Wayground

Discover more resources for English