Tag: security

Questions Related to security

What type of testing is done by ASAP team during the testing and rollout phase?
technology security

  1. Integration testing

  2. System testing

  3. Penetration testing

  4. Unit testing

Show answer
Correct Option: C

As per the ASAP Process what all artifacts are provided to help aid in the analysis phase?
technology security

  1. Security URS

  2. Security URS and SRS

  3. Security Design Guidelines

  4. All of the above

Show answer
Correct Option: B

Who does the review of the security elements of the updated project artifacts at the end of each phase of the application development life cycle?
technology security

  1. Application development team

  2. Project Manager

  3. ASAP Team

  4. Testing Team

Show answer
Correct Option: C

The principle of least privilege as it applies to Access control mandates that:
technology security

  1. Group based access control should be implemented to assign permissions to application users

  2. Consistent authorization checking should be performed on all application pages

  3. A set of all allowable actions should be defined for each user role and all other's denied

  4. All failed access authorization requests should be logged to a secure location for review by administrators

Show answer
Correct Option: C

The ASAP process can applied at which phase of an application development for best results?
technology security

  1. During testing

  2. During development

  3. During all phases of development starting with requirement analysis and ending with rollout

  4. During design

Show answer
Correct Option: C

In the ASAP process what is the main activity carried out in the requirement analysis phase?
technology security

  1. Capture the customer requirements

  2. Update the project plan

  3. Capture and update the URS and SRS with security requirements for the project

  4. None of the above

Show answer
Correct Option: C

Who has the responsibility for remediation of the security vulnerabilities discovered during application security testing?
technology security

  1. ASAP Team

  2. Development Team

  3. Testing Team

  4. Project Management

Show answer
Correct Option: B

What are the different types of engagement models available for ASAP?
technology security

  1. Time and Money, Fixed price

  2. Offshore, Onshore, Offshore-Onshore

  3. Full-Fledged, Staggered, Fast Track

  4. None of the above

Show answer
Correct Option: C

As part of ASAP what type of analysis is performed during the design and build phase?
technology security

  1. Dynamic code analysis

  2. Static code analysis

  3. Both

  4. None

Show answer
Correct Option: B

What type of testing is done by ASAP team during the testing and rollout phase?
technology security

  1. Integration testing

  2. System testing

  3. Penetration testing

  4. Unit testing

Show answer
Correct Option: C