Dependability & Security Mcqs for Software Engineering - Set 2

1)   Choose the fault class in which the following automated static analysis check would fall:”Pointer Arithmetic” ?

a. Storage management faults
b. Data Faults
c. Input/Output Faults
d. Interface faults
Answer  Explanation 

ANSWER: Storage management faults

Explanation:
No explanation is available for this question!


2)   An impersonation of an authorised user is an example of a security threat ?

a. True
b. True
Answer  Explanation 

ANSWER: True

Explanation:
It is a security attack.


3)   Circumstances that have potential to cause loss or harm is known as___________________?

a. Attack
b. Threat
c. Vulnerability
d. Control
Answer  Explanation 

ANSWER: Threat

Explanation:
The answer is self explanatory.


4)   A system resource that has a value and has to be protected is known as ________________________?

a. Asset
b. Control
c. Vulnerability
d. None of the mentioned
Answer  Explanation 

ANSWER: Asset

Explanation:
The answer is self explanatory.


5)   What is Life cycle risk assessment ?

a. Risk assessment before the system has been deployed
b. Risk assessment while the system is being developed
c. All of the mentioned
d. None of the mentioned
Answer  Explanation 

ANSWER: All of the mentioned

Explanation:
No explanation is available for this question!


6)   Security engineering is only concerned with maintenance of systems such that they can resist malicious attacks ?

a. True
b. False
Answer  Explanation 

ANSWER: False

Explanation:
Security engineering is concerned with maintenance as well as development of such systems.


7)   Controls that are intended to ensure that attacks are unsuccessful is analogous to ______________ in dependability engineering?

a. Fault avoidance
b. Fault tolerance
c. Fault detection
d. Fault Recovery
Answer  Explanation 

ANSWER: Fault avoidance

Explanation:
In Fault avoidance the system is developed in such a way that human error is avoided and thus system faults are minimised.


8)   What are security controls ?

a. Controls that are intended to ensure that attacks are unsuccessful
b. Controls that are intended to detect and repel attacks
c. Controls that are intended to support recovery from problems
d. All of the mentioned
Answer  Explanation 

ANSWER: All of the mentioned

Explanation:
All the options define a security control property.


9)   Which of the following is a layer of protection for Security ?

a. Platform-level protection
b. Application-level protection
c. Record-level protection
d. All of the mentioned
Answer  Explanation 

ANSWER: All of the mentioned

Explanation:
No explanation is available for this question!


10)   Which of the following is a bad practice of Dependable programming ?

a. Limit the visibility of information in a program
b. Check array bounds
c. Check all inputs for validity
d. None of the mentioned
Answer  Explanation 

ANSWER: Check array bounds

Explanation:
All the options are good practices to achieve Dependability Engineering.