Quiz CSSLP

Quiz CSSLP, Certified Secure Software Lifecycle Professional

Which of the following statements about the authentication concept of information security management is true?

What should Billy tell management if he’s following the best practices for risk management?

which of the following phases of NIST SP 800-37 C&A methodology does the security categorization occur?

which of the following DIACAP phases is residual risk analyzed?

Which of the following security controls will you use for the deployment phase of the SDLC to build secure software?

Which of the following provides an easy way to programmers for writing lower-risk applications and retrofitting security into an existing application?

Which of the following is a malicious exploit of a website, whereby unauthorized commands are transmitted from a user trusted by the website?

Which of the following types of attack is this?

what quantitative risk analysis is?

which of the following DITSCAP/NIACAP model phases occurs at the initiation of the project, or at the initial C&A effort of a legacy system?