Dependability & Security Mcqs for Software Engineering - Set 4

1)   At which stage of risk analysis specification, the additional security requirements take account of the technologies used in building the system and system design and implementation decisions ?

a. Preliminary risk analysis
b. Life-cycle risk analysis
c. Operational risk analysis
d. All of the mentioned
Answer  Explanation 

ANSWER: Life-cycle risk analysis

Explanation:
This risk assessment takes place during the system development life cycle after design choices have been made..


2)   Which reliability metric sets out the probable number of system failures that are likely to be observed relative to a certain time period ?

a. POFOD
b. ROCOF
c. AVAIL
d. None of the mentioned
Answer  Explanation 

ANSWER: ROCOF

Explanation:
Rate of occurrence of failures (ROCOF) sets out the probable number of system failures that are likely to be observed relative to the number of system executions.


3)   To specify security requirements, one should identify the risks that are to be dealt with ?

a. True
b. False
Answer  Explanation 

ANSWER: False

Explanation:
To specify security requirements, one should identify the assets that are to be dealt with.


4)   Which reliability requirements are concerned with maintaining copies of the system ?

a. Checking requirements
b. Recovery requirements
c. Redundancy requirements
d. Ambiguous requirements
Answer  Explanation 

ANSWER: Recovery requirements

Explanation:
These requirements are geared to helping the system recover after a failure has occurred.


5)   Which of the following is not a functional reliability requirement for a system ?

a. Checking requirements
b. Recovery requirements
c. Redundancy requirements
d. Ambiguous requirements
Answer  Explanation 

ANSWER: Ambiguous requirements

Explanation:
All the options are correct except option d.


6)   POFOD stands for___________________?

a. Possibility of failure of data
b. Probability of failure of data
c. Possibility of failure on demand
d. Probability of failure on demand
Answer  Explanation 

ANSWER: Probability of failure on demand

Explanation:
No explanation is available for this question!


7)   How many stages are there in Risk-driven requirements specification ?

a. three
b. four
c. five
d. six
Answer  Explanation 

ANSWER: four

Explanation:
These include Risk identification, Risk analysis, Risk reduction and Risk decomposition


8)   An event that occurs at some point in time when the system does not deliver a service as expected by its users is called __________________?

a. Human error or mistake
b. System fault
c. System error
d. System failure
Answer  Explanation 

ANSWER: System failure

Explanation:
No explanation is available for this question!


9)   Consider a case where the system is unavailable and cannot deliver its services to users. What type of failure is being described here ?

a. Loss of service
b. Incorrect service delivery
c. System/data corruption
d. None of the mentioned
Answer  Explanation 

ANSWER: Loss of service

Explanation:
One may separate this into loss of critical services and loss of non-critical services, where the consequences of a failure in non-critical services are less than the consequences of critical service failure.


10)   A weakness in a computer-based system that may be exploited to cause loss or harm is known as ?

a. Vulnerability
b. Attack
c. Threat
d. Exposure
Answer  Explanation 

ANSWER: Vulnerability

Explanation:
No explanation is available for this question!


11)   A password checking system that disallows user passwords that are proper names or words that are normally included in a dictionary is an example of ________________ with respect to security systems?

a. risk
b. control
c. attack
d. asset
Answer  Explanation 

ANSWER: control

Explanation:
A control protective measure that reduces a system’s vulnerability.


12)   An assessment of the worst possible damage that could result from a particular hazard is known as _________________?

a. Risk
b. Hazard probability
c. Hazard severity
d. Mishap
Answer  Explanation 

ANSWER: Hazard severity

Explanation:
Hazard severity can range from catastrophic, where many people are killed, to minor, where only minor damage results. When an individual death is a possibility, a reasonable assessment of hazard severity is ‘very high’.


13)   An erroneous system state that can lead to system behavior that is unexpected by system users is known as________________?

a. Human error or mistake
b. System fault
c. System error
d. System failure
Answer  Explanation 

ANSWER: System error

Explanation:
No explanation is available for this question!


14)   The safety of a system is a system attribute that reflects the system’s ability to operate, normally or abnormally, without injury to people or damage to the environment ?

a. True
b. False
Answer  Explanation 

ANSWER: True

Explanation:
No explanation is available for this question!


15)   A chemical plant system may detect excessive pressure and open a relief valve to reduce these pressures before an explosion occurs. What kind of dependability and security issue the example states ?

a. Hazard avoidance
b. Damage limitation
c. Hazard detection
d. Hazard detection and removal
Answer  Explanation 

ANSWER: Hazard detection and removal

Explanation:
The system is designed so that hazards are detected and removed before they result in an accident.


16)   An aircraft engine normally includes automatic fire extinguishers.What kind of dependability and security issue the example states ?

a. Hazard avoidance
b. Damage limitation
c. Hazard detection
d. Hazard detection and removal
Answer  Explanation 

ANSWER: Damage limitation

Explanation:
The system may include protection features that minimize the damage that may result from an accident.


17)   A characteristic of a software system that can lead to a system error is known as _____________________ ?

a. Human error or mistake
b. System fault
c. System error
d. System failure
Answer  Explanation 

ANSWER: System fault

Explanation:
No explanation is available for this question!


18)   Which of the following terms is a measure of the probability that the system will cause an accident ?

a. Risk
b. Hazard probability
c. Accident
d. Damage
Answer  Explanation 

ANSWER: Risk

Explanation:
The risk is assessed by considering the hazard probability, the hazard severity, and the probability that the hazard will lead to an accident.