Question 1

A layer of protection called ______________ (from Greek words meaning &#34;hidden writing&#34;) is the practice of transforming information so it is secure and cannot be accessed by unauthorized parties.

Accepted Answer

Cryptography

Question 2

What aspect of job rotation requires teaching employees to perform multiple job functions besides the ones for which they were hired?

Accepted Answer

Cross training

Question 3

Which of the following security protections afforded by cryptography ensures that only authorized parties can view information?&#10;A) Integrity&#10;B) Confidentiality&#10;C) Authentication&#10;D) Non-repudiation

Accepted Answer

Confidentiality ensures that only authorized parties can view information.

Question 4

The costs associated with providing cybersecurity protections have plateaued and will probably remain constant over the next few years.

Accepted Answer

Cybersecurity costs are unlikely to plateau due to the evolving nature of cyber threats, technological advancements, and the increasing complexity of IT environments, which require ongoing investment in security measures.

Question 5

In which of the following cloud services does the customer has the highest level of control?&#10;A) Software as a service (SaaS)&#10;B) Platform as a service (PaaS)&#10;C) Infrastructure as a service (IaaS)&#10;D) Virtualization as a service (VaaS)

Accepted Answer

In Infrastructure as a Service (IaaS), customers have the highest level of control over the computing resources, including the operating systems, storage, and deployed applications, compared to SaaS and PaaS, where the service provider manages more of the infrastructure and platform.

Question 6

What is another name for dynamic code analysis?

Accepted Answer

The answer of What is another name for dynamic code...

Question 7

In the context of cybersecurity, what is fuzzing?

Accepted Answer

The answer of In the context of cybersecurity, what is...

Question 8

What element of quality assurance helps to ensure that resolved prior vulnerabilities continue to stay secure and that changes to the code do not inadvertently create new flaws that can break the application or cause unwanted results?

Accepted Answer

The answer of What element of quality assurance helps to...

Question 9

Which of the following SDLC best practices determines if software can withstand the workload placed on it without crashing and includes verification that the software can respond in a timely fashion to a high number of simultaneous users?

A) Security requirements definition
B) User acceptance testing
C) Input validation
D) Application stress testing

Accepted Answer

Application stress testing is a best practice in the SDLC that evaluates whether software can handle high workloads and respond efficiently under pressure, ensuring stability and performance with many simultaneous users.

Question 10

To ensure an efficient process, software testing should only be performed after coding is completed.

Accepted Answer

Software testing should be integrated throughout the development process, including during coding, to identify and fix issues early, ensuring a more efficient and effective development cycle.

Deck 11: Defense in Depth, Software Development, and Data Analytics