Test your basic knowledge

CSSLP: Certified Secure Software Lifecycle Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see that it reinforces your understanding as you take the test each time.

Terms covered in this test:
1. Error and exception management
2. Psychological acceptability
3. Challenges in implementing auditing/logging
4. Open design
5. Security controls
6. Least privilege
7. Authentication
8. Complete mediation
9. Benefits of coding standards
10. Compartmentalization
11. OWASP Code Review Guide
12. Configuration parameter management
13. OWASP Testing Guide
14. Multifactor authentication
15. FIPS 140-2 (Security Requirements for Cryptographic Modules)
16. Categories of controls
17. NIST standards related to software security
18. Technical controls
19. General security concepts
20. Security standards
21. Accountability
22. ISO/IEC 27000:2009
23. EALs (Evaluation Assurance Levels)
24. FIPS 201
25. Countermeasures
26. Software security risk management methodologies
27. Implementation challenges
28. Holistic security in software
29. Security profile of software
30. DREAD
31. Management controls
32. OCTAVE
33. Annualized Rate of Occurrence (ARO)
34. OWASP Top 10
35. Economy of mechanism
36. Non-repudiation
37. Single Loss Expectancy (SLE)
38. Security policies
39. ISO/IEC 27002:2005
40. Safeguards
41. ISO/IEC 27005:2008
42. Examples of security standards
43. FIPS 197 (Advanced Encryption Standard, AES)
44. Operational controls
45. Security risk management discipline
46. Take-Grant model
47. Single point of failure
48. Exposure Factor (EF)
49. Session management
50. ISO/IEC 27003