Briefly discuss how you test for software resiliency

Reference no: EM132295852

Assignment

TRUE/FALSE

1. The process of Complete Mediation requires that the operating system mediate every access by a subject to read an object.

2. There are currently laws in the USA that make companies liable for their faulty software products.

3. Developers of secure software must know the relevant validation techniques and their applicability.

4. Designers of secure software systems must have distinctive goals for achieving security properties at the software and whole system levels.

5. The software designers can minimize the functionality included in the trusted parts.

6. Software security weaknesses and software vulnerabilities mean the same thing.

7. Contemporary software design efforts occur within a given framework such as Java Enterprise Edition (Java EE), Microsoft's .NET or the open source Eclipse framework.

8. Alpha and beta testing are kinds of reliability testing.

9. In dynamic software analysis, we do not actually execute the software under analysis.

10. Most formal software analysis and verification techniques are obsolete.

MULTIPLE CHOICES

11. Which of the following helps to improve security-related aspects of software?
a. Collecting and analyzing security-related measurements
b. Improving security process
c. Improving artifacts quality
d. all of the above

12. Which of the following properties are related to authentication of identity and access control?
a. Accountability
b. Non-repudiation
c. both a and b
d. None of a and b

13. Which of the following elements is not shared by the software professional ethics and codes of conduct?
a. forcing security measures into the software
b. acting in the public's interest
c. honesty and integrity in the practice of software development
d. maintaining competence in the profession

14. Which of the following is not an approach to reduce the possibilities for software security violations?
A. Deny access unless explicitly authorized
B. Deploy with non-secure initial defaults
C. Implement least privilege
D. Check every access

15. In software design, separation can eliminate or reduce the possibilities of certain kinds of violations via implementing the following except ___________
A. most common mechanisms
B. Separation of duties
C. Separation of privilege
D. Constrained dependency

16. After a failure, a software system should have a well-defined status. Which of the following is a valid status?
A. Rollback
B. Fail forward
C. Compensate
D. all of the above

17. The list of assumptions made primarily about the software system's environment is one of the products of the requirements activity. Which of the following is a valid assumption?
A. Environmental Assumptions
B. Internal Assumptions
C. both a & b
D. neither a nor b

18. Which of the following is a kind of activity related to tolerance of errors or violations of software system correctness?
A. forecasting violations
B. notification and warning
C. repair of fault or vulnerability
D. All of the above

19. Common content filtering mechanisms include all but one of the following. Which one?
A. Recovering to a safe state
B. Security wrappers
C. Application firewalls
D. eXtensible Markup Language (XML) gateways

20. The anti-tamper mechanisms most frequently used for protecting software are all but one of the following. Which one?
A. Virtual machines
B. Simulation techniques
C. Hardened operating systems
D. Trusted hardware modules

21. Deception techniques at the system level can be used to divert potential attackers away from targeting the system and towards targeting a purpose-built decoy. Which of the following is a deception technique?
A. Honeypot
B. Intrusion detection system
C. Firewall
D. Virtual Private Network (VPN)

22. Which of the following is not a software testing technique?
A. Attack-oriented testing
B. User oriented testing
C. Brute force and random testing
D. Fault and vulnerability-oriented testing

23. Network scanners are examples of ___________
A. Dynamic analysis tools
B. Static analysis tools
C. Compilers
D. None of the above

24. _________ is an example of a lightweight secure software process
A. Oracle security process
B. Microsoft secure development life cycle
C. CMMI process
D. OSI Security standard

25. Which of the following statements is correct?
A. Risk assessment is the process of planning, managing risk, and mitigating risk.
B. Risk management is the process of planning, assessing risk, and mitigating risk.
C. Risk management applies to software development but risk assessment applies to the overall organization.
D. None of the above

SHORT ANSWER

26. Briefly describe how much control a Project Manager has over the four parameters of project management in managing secure, high assurance software. The four parameters are: scope, quality, resource and time.

27. Briefly explain how a software development process can become dependable through the use of tools.

28. Briefly discuss how you test for software resiliency.

29. Briefly discuss how documentation can assist secure development and enhancement.

30. Briefly discuss how open design can contribute to better security.

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd