
Test your basic knowledge

CSSLP: Certified Secure Software Lifecycle Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see that it reinforces your understanding each time you take the test.
1. Session Management






2. ISO/IEC 15408






3. Total Risk






4. Authorization






5. Technical Controls






6. Annual Loss Expectancy (ALE)






7. FIPS 201






8. EALs levels






9. Authentication






10. After identification step is...






11. General security concept






12. Core Security Concept






13. ISO/IEC 27002:2005






14. Implementation challenges






15. Error and exception management






16. Clipping level






17. Least privilege






18. ISO/IEC 27000:2009






19. Single point failure






20. FIPS 197 (Advanced Cryptographic standards - AES)






21. Multifactor authentication






22. NIST standards related to software security






23. Exposure factor (EF)






24. ISO/IEC 27006:2007






25. Single Loss Expectancy (SLE)






26. Security Risk Management Discipline






27. Counter measures






28. ISO/IEC 27001:2005






29. Auditing






30. FIPS 140-2 (Security requirement for cryptographic modules)






31. Security Standards






32. Configurations Parameters Management






33. ISO/IEC 9216






34. Psychological acceptability






35. DREAD






36. Benefits of coding standards






37. Holistic Security in software






38. Integrity






39. Develop hack resilient software






40. Security design principles






41. Availability






42. Security Policies


43. Examples of Security Standards






44. Management Controls






45. Complete mediation






46. Challenges in implementing auditing/logging






47. STRIDE






48. Categories of controls






49. Accountability






50. Operation Controls





