Security Awareness Quiz

Adding security features after development

Creating systems with built-in protections from the start

Ignoring security during the development process

Outsourcing security to third-party vendors

Risk Assessment

Defense in Depth

Principle of Least Privilege

Regular Updates

Delaying security tests until after deployment

Involving security teams early in development

Ignoring security in sprint planning

Outsourcing security testing

Cross-site scripting (XSS)

Data breaches

Automated backups

Man-in-the-middle (MITM) attacks

Secure by default

Fail-safe defaults

Defense in Depth

Automated Testing

To create software without documentation

To manage an organization’s information security risks

To delay security implementations

To focus only on software aesthetics

HTTP

FTP

SMTP

HTTPS

Storing data in plain text

Database encryption

Leaving data unprotected

Using default passwords

Ignoring user input

Secure data storage

Disabling security features

Using outdated software

Increasing software performance

Enhancing system vulnerabilities

Identifying security flaws

Reducing costs of development