Test your basic knowledge |

CSSLP: Certified Secure Software Lifecycle Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Compartmentalization






2. ISO/IEC 27006:2007






3. PCI DSS






4. Benefits of coding standards






5. OWASP Code Review Guide






6. NIST standards related to software security






7. OCTAVE






8. Software security risk management methodologies






9. ISO/IEC 15408






10. Common best practices significant to Sofware Security






11. Economy of mechanism






12. ISO /IEC 27000:2009






13. Single Loss Expectancy (SLE)






14. General security concept






15. Properties of secure software






16. Flaw Hypothesis Method (FHM)






17. ISO/IEC 21827:2008






18. Vulnerability






19. ISO/IEC 27002:2005






20. FIPS 197 (Advance Cryptographic standards - AES)






21. Exposure factor (EF)






22. Least common mechanism






23. Phsychological acceptability






24. Integrity






25. Categories of controls






26. Accountability






27. Implementation challenges






28. EALs levels






29. Core Security Concept






30. Authentication






31. After identification step is...






32. Complete mediation






33. Information Security Models






34. OWASP development guide






35. STRIDE






36. Annual Loss Expectancy (ALE)






37. ISO/IEC 9216






38. Security design principles






39. Threat






40. ISO/IEC 27003






41. Security Risk Management Discipline






42. Auditing






43. ISO/IEC 27001:2005






44. Authorization






45. Technical Controls






46. Holistic Security in software






47. FIPS140-2 (Security requirement for cryptographic modules)






48. Single point failure






49. Total Risk






50. FIPS 201