Test your basic knowledge

CSSLP: Certified Secure Software Lifecycle Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see that it reinforces your understanding each time you take the test.
1. ISO/IEC 27005:2008






2. Popular guides developed by OWASP






3. FIPS 140-2 (Security requirement for cryptographic modules)






4. Annual Rate of Occurrence (ARO)






5. ISO/IEC 15408






6. Psychological acceptability






7. OWASP testing guide






8. Risk management process






9. ISO/IEC 27002:2005






10. Auditing






11. Flaw Hypothesis Method (FHM)






12. Core Security Concept






13. Implementation challenges






14. Vulnerability






15. Information Security Models






16. ISO/IEC 27006:2007






17. Authorization






18. Properties of secure software






19. Open design






20. STRIDE






21. Management Controls






22. Non Repudiation






23. Threat






24. ISO/IEC 27003






25. Benefits of coding standards






26. Technical Controls






27. Least privilege






28. Availability






29. Configurations Parameters Management






30. NIST standards related to software security






31. ISO/IEC 27000:2009






32. Software security risk management methodologies






33. Security Standards






34. Security Risk Management Discipline






35. Operation Controls






36. Confidentiality






37. Economy of mechanism






38. Security profile of a software






39. General security concept






40. Counter measures






41. Complete mediation






42. Least common mechanism






43. FIPS 197 (Advance Cryptographic standards - AES)






44. OWASP development guide






45. Vulnerabilities repositories






46. Common best practices significant to Software Security






47. DREAD






48. OWASP Code Review Guide






49. Accountability






50. FIPS 201