Online Access Free Secure-Software-Design Exam Questions

A legacy application has been replaced by a new product that provides mobile capabilities to the company's customer base. The two products have run concurrently for the last three months to provide a fallback if the new product experienced a large-scale failure. The time has come to turn off access to the legacy application.
Which phase of the Software Development Life Cycle (SDLC) is being described?

• A.Maintenance
• B.Planning
• C.End of Life
• D.Design

Which software-testing technique can be automated or semi-automated and provides invalid, unexpected, or random data to the inputs of a computer software program?

• A.Bugtraq
• B.Fuzzing
• C.Dynamic analysis
• D.Static analysis

The security software team has cloned the source code repository of the new software product so they can perform vulnerability testing by modifying or adding small snippets of code to see if they can cause unexpected behavior and application failure.
Which security testing technique is being used?

• A.Dynamic Code Analysis
• B.Source-Code Fault Injection
• C.Fuzz Testing
• D.Binary Fault Injection

Which DKEAD category has a risk rating based on the threat exploit's potential level of harm?

• A.Reproducibility
• B.Exploitability
• C.Damage potential
• D.Affected users

In which step of the PASTA threat modeling methodology is vulnerability and exploit analysis performed?

• A.Application decomposition
• B.Define technical scope
• C.Attack modeling
• D.Define objectives