第27章试题
1. When analyzing security requirements focus in system assets with the highest value and greatest exposure.
A. TrueB. False
正确答案:A
2. It is possible to have a safe system that is not secure.
A. TrueB. False
正确答案:B
3. Individuals rarely expose their personal information to others on social media networks.
A. TrueB. False
正确答案:B
4. Wireless networks require the trust and cooperation between nodes that can be exploited by malicious programs?
A. TrueB. False
正确答案:A
5. Cloud computing is has greater levels of security that other web data repositories.
A. TrueB. False
正确答案:B
6. The security concerns remain an obstacle to implementing the vision implied by the Internet of Things .
A. TrueB. False
正确答案:A
7. Security and usability requirements are often in conflict with each other.
A. TrueB. False
正确答案:A
8. Which of following is not one of the elements of a security model?
A. Criminal background checksB. External interface requirements
C. Rules of operation
D. Security policy objectives
正确答案:A
9. Security metrics and measures need to assess which of these properties?
A. DependabilityB. Survivability
C. Trustworthiness
D. All of the above
正确答案:D
10. Security correctness checks should be included which of the following activities?
A. AuditsB. Deployment
C. Inspections
D. Testing
E. a, b, c
正确答案:E
11. Which is not one of the elements of a security case?
A. ArgumentsB. Bug reports
C. Claims
D. Evidence
正确答案:B
12. Security assurance and risk identification must be included in the schedule and budget if they are to be taken seriously.
A. TrueB. False
正确答案:A
13. Threat analysis is not needed for conventional software applications.
A. TrueB. False
正确答案:B
14. An incident response plan spells out the actions to be carried out by each stakeholder in response to specific attacks.
A. TrueB. False
正确答案:A