Secure SDLC MCQ with answers


Hello friends, if you are looking for Secure SDLC Free MCQ Question Answers | Secure SDLC Infosys Answers | Secure SDLC Awareness MCQ | Secure SDLC Question Answers Dumps | Secure SDLC Multiple choice questions

1. In order to mitigate the risk of unauthorized access to the personal information, the website used Multi-Factor Authentication (MFA). Here:

Unauthorized access is a/an Threat

Personal information is a/an Asset

MFA is a/an Control

2. Match the security controls with their security layers

BitLocker -> Data Layer

IPS/IDS -> Network Layer

Security Training/Awareness -> Human Layer

Antimalware -> Host Layer

3. You are part of a software development team building a hospital management application. The application will handle healthcare data, which is considered highly sensitive. Which of the following security measures or controls will you recommend to your team for securing the sensitive data as part of a brainstorming activity?

Ans – All the above security measures must be implemented in a Defense in Depth approach.

Q4. Which of the following changes in Secure SDLC emphasizes integrating security early into the software development lifecycle?

A. Process change – agile to waterfall model.
B. Rapid application development
C. Centralized control
D. Process change – shift left

Ans: d

Q5. Which of the following attacks compromise confidentiality? (Choose two options)

A. Denial of Service attack
B. Keylogger – a malware that captures the keystrokes
C. Disclosure of passwords to unauthorized persons
D. Ransomware attack


Ans: B C

Q6. With respect to the consequences of not implementing security in SDLC phases, which of the following statements are true? (Select two)

A. Unsecured Requirement phase - Application security misaligned with business needs

B. Unsecured Design phase - Presence of vulnerabilities when application/component is decommissioned

C. Unsecured Operations phase - Presence of common code vulnerabilities

D. Unsecured Deployment phase - Misconfiguration vulnerability

Ans: B C

Q7. In a team, brainstorming among the members is going on about what is myth vs. reality with respect to cyber security. The following statements were put forward by the team members. Which one do you think is reality?

A. Password protected Wi-Fi networks are secure
B. There will always be residual risk after security control implementation
C. Compliance equates to a robust security strategy
D. Cyber threats are only external

Ans: B

8. A multi-tier architecture provides a larger attack surface than a single-tier architecture. True or False?

Ans – True

Q9. An application development team is trying to reduce the cost of the overall project. Jack suggested implementing security in each phase of SDLC. However, the team lead Jill thinks that it will increase the number of security practices to be implemented in each phase. Select the best statement.

A. Jill is correct; the team will need to follow additional practices
B. Both Jack and Jill are correct. Secure SDLC will require additional security practices; however, they will help in bringing down overall cost
C. There won’t be any effect of implementation of Secure SDLC on the cost of project
D. Jack’s suggestion will bring down the overall cost

Ans: B

