Question 1

Ajax is a new technology.

Accepted Answer

A) True 
 B)False

Question 2

Why is it important to network with peers in this field?

Accepted Answer

A)  Good to find out salaries 
B)  good to get exposure with the boss 
C)  Good for moral 
D)  People move from project to project and place to place in this field very quickly. Chances are you will work with them again 
A)  Good to find out salaries 
B)  good to get exposure with the boss 
C)  Good for moral 
D)  People move from project to project and place to place in this field very quickly. Chances are you will work with them again

Question 3

According to the Organization for Internet Safety (OIS), which of the following steps for a threat response process does the organization announce the attack?

Accepted Answer

A)  Resolution: 
B)  Release 
C)  Notification 
D)  Investigation 
A)  Resolution: 
B)  Release 
C)  Notification 
D)  Investigation

Question 4

What is the first thing the develop can rely on when an attack occurs to the Application Guide?

Accepted Answer

A)  look at the code 
B)  view error logs 
C)  rely on the Are You Ready section of the Application Guide 
D)  wait for CCB direction 
A)  look at the code 
B)  view error logs 
C)  rely on the Are You Ready section of the Application Guide 
D)  wait for CCB direction

Question 5

Software assurance can be proven, validated, and substantiated only by the process in place and the artifacts produced from each process.

Accepted Answer

A) True 
 B)False

Question 6

What is the best way to be proactive in solving application errors?

Accepted Answer

A)  Test more 
B)  Monitor error logs 
C)  Re-read the use case document 
D)  Wait for the user to open a Change Request 
A)  Test more 
B)  Monitor error logs 
C)  Re-read the use case document 
D)  Wait for the user to open a Change Request

Question 7

The benefits to a CCB are twofold: -Provide a known and methodical decision process -Sustain security and quality in the software artifacts

Accepted Answer

A) True 
 B)False

Question 8

Which is the most threatens to a software during the maintenance phase?

Accepted Answer

A)  Change Request Board 
B)  software upgrades 
C)  Change Requests 
D)  no testing procedures 
A)  Change Request Board 
B)  software upgrades 
C)  Change Requests 
D)  no testing procedures

Question 9

If someone were to ask you to prove that your application is secure, what would the Misuse cases prove?

Accepted Answer

A)  Proves that threat analysis and investigation was done looking for ways to break the software 
B)  Prove that there is a process in place that proactively monitors new threats 
C)  Prove that testing is a major process in the development life cycle 
D)  It provides documentation of the reusable, secure process 
A)  Proves that threat analysis and investigation was done looking for ways to break the software 
B)  Prove that there is a process in place that proactively monitors new threats 
C)  Prove that testing is a major process in the development life cycle 
D)  It provides documentation of the reusable, secure process

Question 10

When should an incident report be released?

Accepted Answer

A)  As soon as one is found 
B)  After a Resolution is found 
C)  ASAP 
D)  Right after the verification of the attack 
A)  As soon as one is found 
B)  After a Resolution is found 
C)  ASAP 
D)  Right after the verification of the attack

Question 11

Two of the most common changes to a software application during the maintenance phase are new data flows and new user roles.

Accepted Answer

A) True 
 B)False

Question 12

To help maintain the software's security, make training part of the development methodology for new hires.

Accepted Answer

A) True 
 B)False

Question 13

Keeping a daily journal is a waste of time and has no place on your project.

Accepted Answer

A) True 
 B)False

Question 14

If someone were to ask you to prove that your application is secure, what would the Application Guide prove?

Accepted Answer

A)  That you have secure code 
B)  documentation of the reusable, secure process 
C)  That you have tools configured 
D)  That the software is bug free 
A)  That you have secure code 
B)  documentation of the reusable, secure process 
C)  That you have tools configured 
D)  That the software is bug free

Question 15

The CCB is only made up of developers.

Accepted Answer

A) True 
 B)False

Question 16

What type of report is reactive?

Accepted Answer

A)  Application Guide 
B)  Misuse Case 
C)  Incident 
D)  Test script 
A)  Application Guide 
B)  Misuse Case 
C)  Incident 
D)  Test script

Question 17

What does benchmarking time do for you?

Accepted Answer

A)  let's everyone on the team know where they should be 
B)  provides goals 
C)  looking at the project plan and comparing the estimates with the actual coding time 
D)  padds hours for the plan 
A)  let's everyone on the team know where they should be 
B)  provides goals 
C)  looking at the project plan and comparing the estimates with the actual coding time 
D)  padds hours for the plan

Question 18

What is one way you can improve your ability to provide meaningful estimates?

Accepted Answer

A)  keep a daily journal of how long each code module takes to code 
B)  exagerate more hours 
C)  let someone else estimate 
D)  work as long as it takes to make the deadlines 
A)  keep a daily journal of how long each code module takes to code 
B)  exagerate more hours 
C)  let someone else estimate 
D)  work as long as it takes to make the deadlines

Question 19

Software assurance means?

Accepted Answer

A)  software has been tested 
B)  you have secure code 
C)  the software is certified 
D)  process in place and a plan of action to ensure that the software that is written is secure 
A)  software has been tested 
B)  you have secure code 
C)  the software is certified 
D)  process in place and a plan of action to ensure that the software that is written is secure

Question 20

The main benefit of a CCB is to reinforce management's support for software artifacts and to prioritize the workload.

Accepted Answer

A) True 
 B)False

Ajax is a new technology.

Why is it important to network with peers in this field?

According to the Organization for Internet Safety (OIS), which of the following steps for a threat response process does the organization announce the attack?

What is the first thing the develop can rely on when an attack occurs to the Application Guide?

Software assurance can be proven, validated, and substantiated only by the process in place and the artifacts produced from each process.

What is the best way to be proactive in solving application errors?

The benefits to a CCB are twofold: -Provide a known and methodical decision process -Sustain security and quality in the software artifacts

Which is the most threatens to a software during the maintenance phase?

If someone were to ask you to prove that your application is secure, what would the Misuse cases prove?

When should an incident report be released?

Two of the most common changes to a software application during the maintenance phase are new data flows and new user roles.

To help maintain the software's security, make training part of the development methodology for new hires.

Keeping a daily journal is a waste of time and has no place on your project.

If someone were to ask you to prove that your application is secure, what would the Application Guide prove?

The CCB is only made up of developers.

What type of report is reactive?

What does benchmarking time do for you?

What is one way you can improve your ability to provide meaningful estimates?

Software assurance means?

The main benefit of a CCB is to reinforce management's support for software artifacts and to prioritize the workload.

Why You Need to Learn Secure Programming

Coding in the Sdlc: Not a Solitary Practice

Principles of Security and Quality

Getting Organized: What to Do on Day One

Software Requirements: Hear What They Say, Know What They Mean, Protect What They Own

Designing for Quality: the Big Picture

Designing for Security

Development Tools: Choose Wisely

Coding in the Cube: Developing Good Habit

Testing for Quality and Security

Filters

Exam 11: Maintain Your Software, Maintain Your Career

Ajax is a new technology.

Why is it important to network with peers in this field?

According to the Organization for Internet Safety (OIS), which of the following steps for a threat response process does the organization announce the attack?

What is the first thing the develop can rely on when an attack occurs to the Application Guide?

Software assurance can be proven, validated, and substantiated only by the process in place and the artifacts produced from each process.

What is the best way to be proactive in solving application errors?

The benefits to a CCB are twofold: -Provide a known and methodical decision process -Sustain security and quality in the software artifacts

Which is the most threatens to a software during the maintenance phase?

If someone were to ask you to prove that your application is secure, what would the Misuse cases prove?

When should an incident report be released?

Two of the most common changes to a software application during the maintenance phase are new data flows and new user roles.

To help maintain the software's security, make training part of the development methodology for new hires.

Keeping a daily journal is a waste of time and has no place on your project.

If someone were to ask you to prove that your application is secure, what would the Application Guide prove?

The CCB is only made up of developers.

What type of report is reactive?

What does benchmarking time do for you?

What is one way you can improve your ability to provide meaningful estimates?

Software assurance means?

The main benefit of a CCB is to reinforce management's support for software artifacts and to prioritize the workload.

Why You Need to Learn Secure Programming

Coding in the Sdlc: Not a Solitary Practice

Principles of Security and Quality

Getting Organized: What to Do on Day One

Software Requirements: Hear What They Say, Know What They Mean, Protect What They Own

Designing for Quality: the Big Picture

Designing for Security

Development Tools: Choose Wisely

Coding in the Cube: Developing Good Habit

Testing for Quality and Security

Filters