Test your basic knowledge

CSSLP: Certified Secure Software Lifecycle Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see that it reinforces your understanding as you take the test each time.

1. Psychological acceptability






2. Complete mediation






3. Non Repudiation






4. Examples of Security Standards






5. Clipping level






6. Open design






7. Information Security Models






8. Integrity






9. ISO/IEC 21827:2008






10. ISO/IEC 27001:2005






11. Holistic Security in software






12. Accountability






13. EALs levels






14. Operation Controls






15. Error and exception management






16. Security Risk Management Discipline






17. ISO/IEC 27005:2008






18. Authorization






19. Least common mechanism






20. STRIDE






21. Authentication






22. Session Management






23. Economy of mechanism






24. ISO/IEC 9216






25. Single point failure






26. Vulnerability






27. Common best practices significant to Software Security






28. Counter measures






29. Security Controls






30. OWASP Code Review Guide






31. Single Loss Expectancy (SLE)






32. Properties of secure software






33. OWASP Top 10






34. FIPS 201






35. OCTAVE






36. Software security risk management methodologies






37. ISO/IEC 15408






38. Security profile of a software






39. Exposure factor (EF)






40. Popular guides developed by OWASP






41. Management Controls






42. Confidentiality






43. FIPS 140-2 (Security requirement for cryptographic modules)






44. Availability






45. ISO/IEC 27000:2009






46. OWASP development guide






47. Implementation challenges






48. Core Security Concept






49. FIPS 197 (Advanced Cryptographic standards - AES)






50. Risk management process