1) Choose the fault class in which the following automated static analysis check would fall:”Pointer Arithmetic” ? a. Storage management faults b. Data Faults c. Input/Output Faults d. Interface faults
|
||||
2) An impersonation of an authorised user is an example of a security threat ? a. True b. True
|
||||
3) Circumstances that have potential to cause loss or harm is known as___________________? a. Attack b. Threat c. Vulnerability d. Control
|
||||
4) A system resource that has a value and has to be protected is known as ________________________? a. Asset b. Control c. Vulnerability d. None of the mentioned
|
||||
5) What is Life cycle risk assessment ? a. Risk assessment before the system has been deployed b. Risk assessment while the system is being developed c. All of the mentioned d. None of the mentioned
|
||||
6) Security engineering is only concerned with maintenance of systems such that they can resist malicious attacks ? a. True b. False
|
||||
7) Controls that are intended to ensure that attacks are unsuccessful is analogous to ______________ in dependability engineering? a. Fault avoidance b. Fault tolerance c. Fault detection d. Fault Recovery
|
||||
8) What are security controls ? a. Controls that are intended to ensure that attacks are unsuccessful b. Controls that are intended to detect and repel attacks c. Controls that are intended to support recovery from problems d. All of the mentioned
|
||||
9) Which of the following is a layer of protection for Security ? a. Platform-level protection b. Application-level protection c. Record-level protection d. All of the mentioned
|
||||
10) Which of the following is a bad practice of Dependable programming ? a. Limit the visibility of information in a program b. Check array bounds c. Check all inputs for validity d. None of the mentioned
|