Hello friends, if you are looking for Secure SDLC Free MCQ Question Answers | Secure SDLC Infosys Answers | Secure SDLC Awareness MCQ | Secure SDLC Question Answers Dumps | Secure SDLC Multiple choice questions
1. In order to mitigate the risk of unauthorized access to personal information, the website used Multi-Factor Authentication (MFA). Here:
Unauthorized access is a/an Threat
Personal information is a/an Asset
MFA is a/an Control
2. Match the security controls with their security layers
BitLocker -> Data Layer
IPS/IDS -> Network Layer
Security Training/Awareness -> Human Layer
Antimalware -> Host Layer
3. You are part of a software development team building a hospital management application. The application will handle healthcare data, which is considered highly sensitive. Which of the following security measures or controls will you recommend to your team for securing the sensitive data as part of a brainstorming activity?
Ans – All the above security measures must be implemented in a Defense in Depth approach.
Q4. Which of the following changes in Secure SDLC emphasizes integrating security early into the software development lifecycle?
A. Process change – agile to waterfall model.
B. Rapid application development
D. Process change – shift left
Q5. Which of the following attacks compromise confidentiality? (Choose two options)
A. Denial of Service attack
B. Keylogger – a malware that captures the keystrokes
C. Disclosure of passwords to unauthorized persons
Ans: B C
Q6. With respect to the consequences of not implementing security in the SDLC phases, which of the following statements are true? (Select two)
A. Unsecured Requirement phase - Application security misaligned with business needs
B. Unsecured Design phase - Presence of vulnerabilities when application/component is decommissioned
C. Unsecured Operations phase - Presence of common code vulnerabilities
D. Unsecured Deployment phase - Misconfiguration vulnerability
Ans: B C
Q7. In a team, brainstorming among the members is going on about what is myth vs. reality with respect to cyber security. The following statements were put forward by the team members. Which one do you think is reality?
A. Password protected Wi-Fi networks are secure
B. There will always be residual risk after security control implementation
C. Compliance equates to a robust security strategy
D. Cyber threats are only external
8. A multi-tier architecture provides a larger attack surface than a single-tier architecture. True or False?
Ans – True
Q9. An application development team is trying to reduce the overall cost of the project. Jack suggested implementing security in each phase of the SDLC. However, the team lead Jill thinks that it will increase the number of security practices to be implemented in each phase. Select the correct statement.
A. Jill is correct; the team will need to follow additional practices
B. Both Jack and Jill are correct. Secure SDLC will require additional security practices; however, they will help in bringing down overall cost
C. There won’t be any effect of implementation of Secure SDLC on the cost of project
D. Jack’s suggestion will bring down the overall cost