Exam 2: Software Engineering and Security
____ provides strict access control, allowing information to flow freely between users in a computing system who have appropriate security access while preventing information leaks to unauthorized users.
B
Why does security depend on more than technologies?
To secure a software system, technology must be combined with organizational policies and personnel processes. A system can have the most advanced technical protection, but it can still be compromised if the administrator is willing to give the needed information to an attacker. According to a BBC News report published in April 2004 on the BBC Web site, 34% of respondents volunteered their computer system password when asked, without even needing to be bribed. Another survey showed that, when questioned, 79% of people unwittingly gave away information that could be used to steal their identity. A social engineering attack is the practice of conning people into revealing sensitive data about a computer system, and these attacks can render any type of security measure useless. Most of the attacks are carried out by phone or in person; the attacker pretends to be an authorized user and can gain illicit access to a system. To reduce the risk of social engineering attacks, the technologies that provide security measures must be integrated into organizations' security policies and processes.
____ breaks the software code into portions that run on ordinary RAM, portions that run on read-only memory (ROM), portions that run under secure hardware, and/or portions that run remotely in a trusted location.
D
The _____ is specific information stored in the license that represents the uniqueness between a particular license and the environment where the software product is deployed.
Why are security infrastructure mismatches one of the most serious issues in software security?
The ____ model is the most fundamental process model used to build software.
_____ attack is the practice of conning people into revealing sensitive data about a computer system.
A security requirement is a manifestation of a high-level security policy related to the detailed requirements of a specific system.
Before users are allowed to access any information in the MLS model, they are assigned a ____ level.
Briefly describe the main characteristics of the rational unified process (RUP).
____ channels allow information to be transmitted by mechanisms not intended for signaling information, for example, locks, system load, or CPU cycle load.
____ is by far the most talked about and widely used agile methodology, at least among software consulting professionals.
During ____, unified security architecture must be put in place to enable the system to enforce various security principles and fulfill all the use cases from requirement analysis.
What are the two procedures that should be completed before sign-off of the implementation phase of the waterfall model?
The MLS security model cannot be implemented on top of another base operating system.