What are the two common best principles of software applications in the development process? Choose 2 answers.
Quality code Secure code Information security Integrity
Availability: Quality code Secure code
"Quality code" is correct. Quality code is efficient code that is easy to maintain and reu...
D487: SECURE SOFTWARE DESIGN QUESTIONS 2024
VERIFIED QUESTIONS AND ANSWERS 100% CORRECT
What are the two common best principles of software applications in the
development process? Choose 2 answers.
Quality code Secure code Information securityIntegrity
Availability: Quality codeSecure code
"Quality code" is correct. Quality code is efficient code that is easy to maintain andreusable
"Secure code" is correct. Secure code authorizes and authenticates every usertransaction,
logs the transaction, and denies all unauthorized requisitions.
What ensures that the user has the appropriate role and privilege to viewdata?
Authentication
Multi-factor authenticationEncryption
Information security Authorization: Authorization
Authorization ensures a user's information and credentials are approved by thesystem.
Which security goal is defined by "guarding against improper information
modification or destruction and ensuring information non-repudiation and
authenticity"?
Integrity Quality Availability
Reliability: Integrity
The data must remain unchanged by unauthorized users and remain reliable fromthe data
entry point to the database and back.
Which phase in an SDLC helps to define the problem and scope of anyexisting
systems and determine the objectives of new systems? Requirements
Design Planning
Testing: Planning
The planning stage sets the project schedule and looks at the big picture.
What happens during a dynamic code review?
Programmers monitor system memory, functional behavior, response times,and
overall performance.
Customers perform tests to check software meets requirements.
An analysis of computer programs without executing them is performed. Input
fields are supplied with unexpected input and tested.: Programmers mon-itor system
memory, functional behavior, response times, and overall performance.
How should you store your application user credentials in your application
database?
Use application logic to encrypt credentialsStore credentials as clear text
Store credentials using Base 64 encoded
Store credentials using salted hashes: Store credentials using salted hashes
Hashing is a one-way process that converts a password to ciphertext using hashalgorithms.
Password salting adds random characters before or after a passwordprior to hashing to
obfuscate the actual password.
Which software methodology resembles an assembly-line approach?V-model
Agile model Iterative model
Waterfall model: Waterfall model
Waterfall model is a continuous software development model in which the develop-ment
steps flow steadily downwards.
Which software methodology approach provides faster time to market andhigher
business value?
, D487: SECURE SOFTWARE DESIGN QUESTIONS 2024
VERIFIED QUESTIONS AND ANSWERS 100% CORRECT
Iterative model Waterfall modelV-model
Agile model: Agile model
In the agile model, projects are divided into small incremental builds that provideworking
software at the end of each iteration and adds value to business.
In Scrum methodology, who is responsible for making decisions on the
requirements?
Scrum Team
Product OwnerScrumMaster
Technical Lead: Product Owner
The Product Owner is responsible for requirements/backlog items and prioritizingthem.
What is the reason software security teams host discovery meetings with
stakeholders early in the development life cycle?
To determine how much budget is available for new security toolsTo meet the
development team
To refactor functional requirements to ensure security is included
To ensure that security is built into the product from the start: To ensure that
security is built into the product from the start
To correctly and cost-effectively introduce security into the software development lifecycle, it
needs to be done early.
Why should a security team provide documented certification require-ments
during the software assessment phase?
Certification is required if the organization wants to move to the cloud.
Depending on the environment in which the product resides, certifications may
be required by corporate or government entities before the software canbe
released to customers.
Les avantages d'acheter des résumés chez Stuvia:
Qualité garantie par les avis des clients
Les clients de Stuvia ont évalués plus de 700 000 résumés. C'est comme ça que vous savez que vous achetez les meilleurs documents.
L’achat facile et rapide
Vous pouvez payer rapidement avec iDeal, carte de crédit ou Stuvia-crédit pour les résumés. Il n'y a pas d'adhésion nécessaire.
Focus sur l’essentiel
Vos camarades écrivent eux-mêmes les notes d’étude, c’est pourquoi les documents sont toujours fiables et à jour. Cela garantit que vous arrivez rapidement au coeur du matériel.
Foire aux questions
Qu'est-ce que j'obtiens en achetant ce document ?
Vous obtenez un PDF, disponible immédiatement après votre achat. Le document acheté est accessible à tout moment, n'importe où et indéfiniment via votre profil.
Garantie de remboursement : comment ça marche ?
Notre garantie de satisfaction garantit que vous trouverez toujours un document d'étude qui vous convient. Vous remplissez un formulaire et notre équipe du service client s'occupe du reste.
Auprès de qui est-ce que j'achète ce résumé ?
Stuvia est une place de marché. Alors, vous n'achetez donc pas ce document chez nous, mais auprès du vendeur ACELEARNERS. Stuvia facilite les paiements au vendeur.
Est-ce que j'aurai un abonnement?
Non, vous n'achetez ce résumé que pour €18,08. Vous n'êtes lié à rien après votre achat.
