NSCT – Software Security Engineering MCQs 20 min Score: 0 Attempted: 0/20 Subscribe 1. . Software Security Engineering is: (A) Only coding (B) The process of designing, implementing, and testing software to ensure it is secure from threats (C) Memory allocation (D) CPU schedulingShow All Answers 2. . The main goal of software security engineering is: (A) CPU optimization (B) Only allocate memory (C) Protect software and data from unauthorized access, modification, or destruction (D) File deletion 3. . Common security objectives include: (A) Only coding efficiency (B) CPU speed, memory allocation, and file size (C) Confidentiality, integrity, and availability (CIA) (D) File deletion only 4. . Confidentiality ensures: (A) Memory allocation only (B) CPU speed optimization (C) Sensitive information is accessed only by authorized users (D) File deletion 5. . Integrity ensures: (A) CPU scheduling (B) Data and software remain accurate and unaltered except by authorized actions (C) Memory allocation (D) File deletion 6. . Availability ensures: (A) Authorized users can access software and data when needed (B) CPU optimization (C) Memory allocation (D) File deletion 7. . Threat modeling in security engineering involves: (A) File deletion only (B) Allocating memory only (C) CPU scheduling only (D) Identifying potential security threats and vulnerabilities 8. . Authentication is: (A) Memory allocation (B) Verifying the identity of a user or system (C) CPU scheduling (D) File deletion 9. . Authorization is: (A) CPU optimization (B) Granting access rights to resources based on user privileges (C) Memory allocation (D) File deletion 10. . Encryption is used to: (A) File deletion (B) CPU scheduling (C) Memory allocation (D) Protect data confidentiality by converting it into unreadable form 11. . Secure coding practices help: (A) CPU optimization only (B) Prevent vulnerabilities like SQL injection, buffer overflow, and cross-site scripting (C) Memory allocation only (D) File deletion only 12. . Security testing involves: (A) File management (B) Memory allocation (C) CPU scheduling (D) Evaluating software for vulnerabilities and potential attacks 13. . Penetration testing is: (A) File deletion only (B) CPU optimization only (C) Memory allocation only (D) Simulated attacks on software to identify security weaknesses 14. . Threats can include: (A) Memory only (B) CPU only (C) Malware, hackers, insider threats, and social engineering attacks (D) File deletion only 15. . Vulnerability assessment is: (A) CPU scheduling (B) Identifying and quantifying security weaknesses in software (C) Memory allocation (D) File deletion 16. . Security policies define: (A) CPU scheduling only (B) Rules and procedures for secure use and development of software (C) Memory allocation only (D) File deletion only 17. . Access control mechanisms include: (A) Memory allocation only (B) Role-based, discretionary, and mandatory access controls (C) CPU scheduling only (D) File deletion only 18. . Logging and auditing in security engineering help to: (A) Memory allocation only (B) CPU optimization only (C) Track user actions and detect unauthorized activities (D) File deletion only 19. . Secure software development lifecycle (SSDLC) integrates: (A) Memory allocation only (B) CPU scheduling only (C) Security practices throughout design, coding, testing, and maintenance (D) File deletion only 20. . The ultimate goal of software security engineering is: (A) Optimize CPU only (B) Only allocate memory (C) Deliver software that is reliable, safe, and resistant to attacks (D) Delete files automatically
