Test your basic knowledge |

CSSLP: Certified Secure Software Lifecycle Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Authentication






2. Operation Controls






3. ISO /IEC 27000:2009






4. OWASP Code Review Guide






5. ISO/IEC 27001:2005






6. Residual Risk






7. STRIDE






8. Examples of Security Standards






9. Clipping level






10. ISO/IEC 27005:2008






11. Single Loss Expectancy (SLE)






12. Vulnerability






13. ISO/IEC 21827:2008






14. Safeguards






15. Multifactor authentication






16. ISO/IEC 27002:2005






17. Information Security Models






18. FIPS 197 (Advance Cryptographic standards - AES)






19. Common best practices significant to Sofware Security






20. Security Standards






21. EALs levels






22. Management Controls






23. Auditing






24. Holistic Security in software






25. Single point failure






26. PCI DSS






27. OCTAVE






28. OWASP development guide






29. Develop hack resilient software






30. Complete mediation






31. ISO/IEC 27006:2007






32. FIPS 201






33. Software security risk management methodologies






34. Technical Controls






35. Security design principles






36. NIST standards related to software security






37. Configurations Parameters Management






38. DREAD






39. Exposure factor (EF)






40. Phsychological acceptability






41. After identification step is...






42. ISO/IEC 15408






43. Security Risk Management Discipline






44. OWASP testing guide






45. Non Repudiation






46. Error and exception management






47. FIPS140-2 (Security requirement for cryptographic modules)






48. Accountability






49. Authorization






50. Compartmentalization