
Test your basic knowledge

CSSLP: Certified Secure Software Lifecycle Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Single Loss Expectancy (SLE)






2. Configurations Parameters Management






3. Counter measures






4. ISO/IEC 9216






5. Common best practices significant to Software Security






6. Annual Rate of Occurrence (ARO)






7. Categories of controls






8. PCI DSS






9. DREAD






10. Accountability






11. Security design principles






12. Single point failure






13. ISO/IEC 27000:2009






14. Security Controls






15. Examples of Security Standards






16. Implementation challenges






17. ISO/IEC 27003






18. NIST standards related to software security






19. Error and exception management






20. ISO/IEC 15408






21. Session Management






22. General security concept






23. ISO/IEC 27006:2007






24. ISO/IEC 21827:2008






25. STRIDE






26. Psychological acceptability






27. Flaw Hypothesis Method (FHM)






28. Security Standards






29. Authentication






30. ISO/IEC 27002:2005






31. Availability






32. Annual Loss Expectancy (ALE)






33. Information Security Models






34. OWASP development guide






35. Develop hack resilient software






36. OWASP testing guide






37. Software security risk management methodologies






38. Take-Grant Model






39. Least common mechanism






40. Access Matrix model


41. OCTAVE






42. FIPS 197 (Advanced Cryptographic standards - AES)






43. EALs levels






44. Safeguards






45. Challenges in implementing auditing/logging






46. OWASP Top 10






47. Management Controls






48. Least privilege






49. Exposure factor (EF)






50. Core Security Concept





