Computer Science Homework Help

QUESTION 1

Software produced for sale should minimize:

a.License costs

b.Database connections

c.Acceptance of risks

d.Communication of threat model

QUESTION 2

Which is a valid form of monitoring for the emergence of threats?

a.Change detection

b.Impact detection

c.Auto detection

d.Both A and B

QUESTION 3

Which is a valid form of standard mitigation technology?

a.Platform provided controls

b.Operational controls

c.Both A and B

d.A but not B

QUESTION 4

Which is a valid method for using design to eliminate risk?

a.FAIR

b.Comparative method

c.Integrated method

d.Both B and C

QUESTION 5

Adding more code to a system can:

a.Eliminate the source of security vulnerabilities

b.Not address the source of security vulnerabilities

c.Expand the source of security vulnerabilities

d.A, B and C

QUESTION 6

A threat tracking method that features thresholds for threat severity is a:

a.Threshold proximinator

b.Bug BI

c.Both A and B

d.Bug bar

QUESTION 7

Which is not an approach for prioritizing threats?

a.Wait and see

b.Change detection

c.Easy fixes first

d.FAIR

QUESTION 8

Which of the following is considered a short coming of FAIR?

a.FAIR is used to derive and articulate risk

b.The asset and attacker-centricity of FAIR

c.FAIR defines risk as a function of loss

d.FAIR estimates worst-case loss

QUESTION 9

Which is a factor to consider when deciding to mitigate or accept risk?

a.Information being collected and stored

b.Users of the system

c.Fitness for purpose

d.All of the above

QUESTION 10

Which is a valid test of a threat mitigation?

a.Test of the mitigation

b.Test of the mitigation bypass

c.B but not A

d.Both A and B