Test your basic knowledge

CSSLP: Certified Secure Software Lifecycle Professional

Instructions:
  • Answer 50 questions in 30 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from the answers to other questions, so some answers may seem obvious at times; repeated attempts still reinforce your understanding of the terms.
1. General security concept
2. FIPS 197 (Advanced Encryption Standard - AES)
3. Annual Rate of Occurrence (ARO)
4. EAL (Evaluation Assurance Level) levels
5. Security Standards
6. Core Security Concept
7. Information Security Models
8. Examples of Security Standards
9. Countermeasures
10. Session Management
11. OWASP Testing Guide
12. Single point of failure
13. FIPS 201
14. ISO/IEC 27002:2005
15. ISO/IEC 27006:2007
16. Authorization
17. Auditing
18. Multifactor authentication
19. Annual Loss Expectancy (ALE)
20. Security Controls
21. Benefits of coding standards
22. Challenges in implementing auditing/logging
23. Management Controls
24. Security design principles
25. Software security risk management methodologies
26. Access Matrix model
27. Single Loss Expectancy (SLE)
28. ISO/IEC 27001:2005
29. Risk management process
30. Non-repudiation
31. ISO/IEC 27005:2008
32. Vulnerability
33. Take-Grant Model
34. Common best practices significant to Software Security
35. NIST standards related to software security
36. Authentication
37. Confidentiality
38. OWASP Top 10
39. Open design
40. Error and exception management
41. Economy of mechanism
42. OWASP Code Review Guide
43. ISO/IEC 15408
44. Operational Controls
45. ISO/IEC 27000:2009
46. Compartmentalization
47. ISO/IEC 27003
48. Develop hack-resilient software
49. Flaw Hypothesis Method (FHM)
50. Popular guides developed by OWASP
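Three of the terms above (SLE, ARO and ALE) are the building blocks of quantitative risk analysis, and the CSSLP exam expects you to be able to apply them to decide whether a countermeasure is worth its cost. The following is an added worked example, not part of the original quiz page. It assumes only the standard textbook formulas SLE = asset value (AV) x exposure factor (EF), ALE = SLE x ARO, and countermeasure value = ALE before the control - ALE after the control - annual cost of the control. All threat names, asset values, exposure factors, rates and costs below are constructed sample figures chosen to make the arithmetic easy to follow.

```python
"""Quantitative risk analysis: SLE, ARO, ALE and countermeasure cost/benefit.

Added example (not from the original page). Formulas assumed, per the
standard CSSLP/CISSP definitions:
    SLE = AV x EF          (loss from a single occurrence)
    ALE = SLE x ARO        (expected loss per year)
    value of a control = ALE_before - ALE_after - annual cost of the control
All figures used in SAMPLE_* below are constructed for illustration.
"""
from dataclasses import dataclass, replace
from typing import List, Optional, Tuple


@dataclass(frozen=True)
class Threat:
    name: str
    asset_value: float       # AV: value of the asset at risk, in currency units
    exposure_factor: float   # EF: fraction of AV lost in one occurrence, 0..1
    aro: float               # ARO: expected number of occurrences per year

    def __post_init__(self) -> None:
        # Guard against the classic input mistakes: EF given as a percentage
        # (e.g. 25 instead of 0.25) or a negative rate.
        if not 0.0 <= self.exposure_factor <= 1.0:
            raise ValueError("exposure_factor must be a fraction between 0 and 1")
        if self.aro < 0 or self.asset_value < 0:
            raise ValueError("aro and asset_value must be non-negative")

    def sle(self) -> float:
        """Single Loss Expectancy: AV x EF."""
        return self.asset_value * self.exposure_factor

    def ale(self) -> float:
        """Annual Loss Expectancy: SLE x ARO."""
        return self.sle() * self.aro


@dataclass(frozen=True)
class Countermeasure:
    name: str
    annual_cost: float
    # A control may reduce impact (EF), likelihood (ARO), or both.
    new_exposure_factor: Optional[float] = None
    new_aro: Optional[float] = None


def apply_countermeasure(threat: Threat, cm: Countermeasure) -> Threat:
    """Return the residual threat after the control is in place."""
    changes = {}
    if cm.new_exposure_factor is not None:
        changes["exposure_factor"] = cm.new_exposure_factor
    if cm.new_aro is not None:
        changes["aro"] = cm.new_aro
    return replace(threat, **changes)


def net_benefit(threat: Threat, cm: Countermeasure) -> float:
    """ALE_before - ALE_after - annual cost. Negative means the control
    costs more per year than the risk it removes."""
    residual = apply_countermeasure(threat, cm)
    return threat.ale() - residual.ale() - cm.annual_cost


def rank_countermeasures(threat: Threat,
                         cms: List[Countermeasure]) -> List[Tuple[str, float]]:
    """Controls ordered from best to worst annual net benefit."""
    scored = [(cm.name, net_benefit(threat, cm)) for cm in cms]
    return sorted(scored, key=lambda pair: pair[1], reverse=True)


# Constructed sample data: a customer database worth 2,000,000, where one
# successful injection attack is estimated to destroy 25% of its value and
# such an attack is expected about once every two years.
SAMPLE_THREAT = Threat("SQL injection against customer DB",
                       asset_value=2_000_000, exposure_factor=0.25, aro=0.5)

SAMPLE_COUNTERMEASURES = [
    # Fixing the code reduces likelihood sharply for a modest annual cost.
    Countermeasure("Parameterized queries and code review",
                   annual_cost=40_000, new_aro=0.05),
    # A WAF alone blocks some attacks but leaves the vulnerability in place.
    Countermeasure("Web application firewall only",
                   annual_cost=60_000, new_aro=0.2),
    # Tokenization reduces what an attacker can take, not how often they try.
    Countermeasure("Tokenize sensitive columns",
                   annual_cost=120_000, new_exposure_factor=0.10),
    # An expensive control that only partly reduces impact: not worth it here.
    Countermeasure("Cyber insurance policy",
                   annual_cost=200_000, new_exposure_factor=0.15),
]

if __name__ == "__main__":
    t = SAMPLE_THREAT
    print(f"{t.name}: SLE={t.sle():,.0f}  ALE={t.ale():,.0f}")
    for name, benefit in rank_countermeasures(t, SAMPLE_COUNTERMEASURES):
        verdict = "adopt" if benefit > 0 else "reject"
        print(f"  {name:40s} net benefit {benefit:>12,.0f}  -> {verdict}")
```

The ranking makes the exam point concrete: the control with the lowest annual cost is not automatically the best one, and a control whose annual cost exceeds the ALE it removes (the insurance option in this constructed data) has a negative net benefit and should be rejected on quantitative grounds even though it does reduce risk.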