Test your basic knowledge |

CSSLP: Certified Secure Software Lifecycle Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Security profile of a software






2. Annual Rate of Occurence (ARO)






3. Session Management






4. Integrity






5. ISO/IEC 27001:2005






6. OCTAVE






7. Management Controls






8. Multifactor authentication






9. Open design






10. ISO/IEC 27002:2005






11. Flaw Hypothesis Method (FHM)






12. FIPS 197 (Advance Cryptographic standards - AES)






13. Residual Risk






14. OWASP testing guide






15. NIST standards related to software security






16. Popular guides developed by OWASP






17. Accountability






18. ISO/IEC 15408






19. Configurations Parameters Management






20. ISO/IEC 27005:2008






21. Phsychological acceptability






22. Least common mechanism






23. Economy of mechanism






24. Authorization






25. Clipping level






26. Auditing






27. After identification step is...






28. Complete mediation






29. Compartmentalization






30. Categories of controls






31. Take-Grant Model






32. Implementation challenges






33. Total Risk






34. Single point failure






35. General security concept






36. OWASP development guide






37. Availability






38. Single Loss Expectancy (SLE)






39. Annual Loss Expectancy (ALE)






40. Common best practices significant to Sofware Security






41. Confidentiality






42. ISO/IEC 27003






43. Security Standards






44. Challenges in implementing auditing/logging






45. Access Matrix model


46. Vulnerabilities repositories






47. Security Policies


48. Risk management process






49. EALs levels






50. Develop hack resilient software