Test your basic knowledge

CSSLP: Certified Secure Software Lifecycle Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions, so you might find the answers obvious at times, but you will see that it reinforces your understanding each time you take the test.
1. Accountability






2. Security Standards






3. Benefits of coding standards






4. EALs levels






5. ISO/IEC 21827:2008






6. General security concept






7. STRIDE






8. Countermeasures






9. Clipping level






10. Annual Loss Expectancy (ALE)






11. Take-Grant Model






12. Least common mechanism






13. Risk management process






14. Authorization






15. ISO/IEC 27002:2005






16. Auditing






17. Exposure factor (EF)






18. Single point failure






19. Security Risk Management Discipline






20. Integrity






21. Holistic Security in software






22. Operation Controls






23. ISO/IEC 9216






24. Implementation challenges






25. Confidentiality






26. Vulnerability






27. NIST standards related to software security






28. Least privilege






29. PCI DSS






30. Residual Risk






31. Configurations Parameters Management






32. Security Controls






33. Availability






34. Authentication






35. Access Matrix model


36. Non-Repudiation






37. Economy of mechanism






38. Compartmentalization






39. Categories of controls






40. OWASP testing guide






41. OWASP Code Review Guide






42. Security Policies


43. ISO/IEC 27000:2009






44. Single Loss Expectancy (SLE)






45. After identification step is...






46. Develop hack resilient software






47. Multifactor authentication






48. Session Management






49. Challenges in implementing auditing/logging






50. FIPS 140-2 (Security requirements for cryptographic modules)