Test your basic knowledge

CSSLP: Certified Secure Software Lifecycle Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see that it reinforces your understanding as you take the test each time.
1. Economy of mechanism
2. Benefits of coding standards
3. Flaw Hypothesis Method (FHM)
4. Integrity
5. Security profile of software
6. PCI DSS
7. ISO/IEC 27001:2005
8. Least common mechanism
9. DREAD
10. Safeguards
11. ISO/IEC 27006:2007
12. FIPS 140-2 (Security requirements for cryptographic modules)
13. Security Standards
14. Take-Grant Model
15. ISO/IEC 27003
16. Accountability
17. Confidentiality
18. NIST standards related to software security
19. Security design principles
20. Auditing
21. Non-repudiation
22. Compartmentalization
23. Vulnerability
24. Holistic Security in software
25. Configuration Parameters Management
26. Security Policies
27. After identification step is...
28. Authorization
29. Technical Controls
30. Complete mediation
31. OWASP Development Guide
32. Security Controls
33. Categories of controls
34. Least privilege
35. Operational Controls
36. Single point of failure
37. OWASP Testing Guide
38. Multifactor authentication
39. Software security risk management methodologies
40. Challenges in implementing auditing/logging
41. Management Controls
42. ISO/IEC 27002:2005
43. Residual Risk
44. Risk management process
45. FIPS 201
46. OWASP Code Review Guide
47. Annual Rate of Occurrence (ARO)
48. ISO/IEC 21827:2008
49. Psychological acceptability
50. ISO/IEC 27005:2008