Test your basic knowledge

CSSLP: Certified Secure Software Lifecycle Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Security profile of a software






2. Flaw Hypothesis Method (FHM)






3. Vulnerabilities repositories






4. Properties of secure software






5. Software security risk management methodologies






6. Annual Loss Expectancy (ALE)






7. Security Risk Management Discipline






8. Challenges in implementing auditing/logging






9. Session Management






10. Non Repudiation






11. Exposure factor (EF)






12. Risk management process






13. FIPS 197 (Advanced Cryptographic standards - AES)






14. Economy of mechanism






15. Auditing






16. Integrity






17. Take-Grant Model






18. Examples of Security Standards






19. Accountability






20. ISO/IEC 21827:2008






21. Configurations Parameters Management






22. Authorization






23. Core Security Concept






24. ISO/IEC 9216






25. ISO/IEC 27002:2005






26. Safeguards






27. Total Risk






28. Benefits of coding standards






29. Management Controls






30. Technical Controls






31. Implementation challenges






32. Single Loss Expectancy (SLE)






33. Common best practices significant to Software Security






34. Open design






35. DREAD






36. OWASP development guide






37. Clipping level






38. FIPS 140-2 (Security requirement for cryptographic modules)






39. Psychological acceptability






40. Holistic Security in software






41. Compartmentalization






42. OWASP Top 10






43. Confidentiality






44. OWASP testing guide






45. OCTAVE






46. Single point failure






47. Error and exception management






48. Popular guides developed by OWASP






49. Least common mechanism






50. After identification step is...