1. . Secure Software Development is the practice of:
(A) Installing software faster
(B) Designing and coding software to prevent security vulnerabilities
(C) Deleting old programs
(D) Increasing system speed
2. . The main goal of secure software development is to:
(A) Increase storage space
(B) Ensure confidentiality, integrity, and availability of software
(C) Compress files
(D) Improve graphics
3. . Threat modeling in software development is used to:
(A) Identify potential security risks and vulnerabilities
(B) Increase internet speed
(C) Delete old code
(D) Compress data
4. . Input validation is important because it:
(A) Compresses files
(B) Deletes files automatically
(C) Increases CPU speed
(D) Prevents malicious data from being processed
5. . SQL Injection can be prevented by:
(A) Deleting database tables
(B) Using parameterized queries
(C) Increasing storage
(D) Using default passwords
6. . Cross-Site Scripting (XSS) attacks can be mitigated by:
(A) Using HTTP only
(B) Deleting browser cache
(C) Sanitizing user input
(D) Increasing network speed
7. . Secure software development lifecycle (SDLC) includes:
(A) Only coding
(B) Requirements, design, implementation, testing, deployment, maintenance
(C) Only testing
(D) Only deployment
8. . Code review in secure development helps to:
(A) Increase network speed
(B) Delete unnecessary files
(C) Detect and fix security vulnerabilities
(D) Compress data
9. . Threats like buffer overflow can be prevented by:
(A) Proper input validation and bounds checking
(B) Ignoring errors
(C) Using default passwords
(D) Skipping testing
10. . Authentication and authorization in software ensures:
(A) Files are deleted automatically
(B) All users can access everything
(C) Only legitimate users can access the system and resources
(D) Network speed is increased
11. . Using strong cryptography in software helps to:
(A) Protect sensitive data from unauthorized access
(B) Delete files automatically
(C) Compress data
(D) Increase CPU speed
12. . Error messages should be:
(A) Generic and not reveal system details
(B) Detailed with database info
(C) Printed publicly
(D) Ignored
13. . Session management in software helps to:
(A) Compress files
(B) Delete old accounts
(C) Increase internet speed
(D) Securely handle user sessions and prevent hijacking
14. . Security testing in software development includes:
(A) Only UI testing
(B) Only performance testing
(C) Penetration testing, vulnerability scanning, code review
(D) Only network monitoring
15. . Using default passwords in software is:
(A) Required for updates
(B) Safe practice
(C) A security risk
(D) Optional
16. . Logging and monitoring in software helps to:
(A) Increase storage
(B) Detect suspicious activities and security breaches
(C) Compress data
(D) Speed up applications
17. . Secure software should follow the principle of:
(A) Maximum access
(B) Least privilege
(C) Random permissions
(D) Public sharing
18. . Static code analysis is used to:
(A) Compress data
(B) Delete files
(C) Increase network speed
(D) Detect vulnerabilities in source code before execution
19. . Dynamic code analysis helps to:
(A) Delete old logs
(B) Find vulnerabilities during software execution
(C) Encrypt files automatically
(D) Increase CPU speed
20. . The main objective of Secure Software Development is to:
(A) Compress files
(B) Build software that is resilient against attacks and protects user data
(C) Delete old programs
(D) Increase graphics performance