Module 1 challenge
Fill in the blank: The software development security domain involves the use of the software development ______, which is an efficient process used by teams to quickly build software products and services.
???
What security concept involves all individuals in an organization taking an active role in reducing risk and maintaining security?
???
Which of the following statements accurately describe risk? Select all that apply.
Assets with SPII, PII, or intelelctual property are examples of high-risk assets, If compromised, a medium-risk asset may cause some damage to an organization's reputation, Determining whether a risk is low, medium, or high depends on the possible threat and the asset involved
In the Risk Management Framework (RMF), which step notes the importance of being accountable for potential risks and may involve generating reports or developing plans of action?
Authorize
How does business continuity enable an organization to maintain everyday productivity?
By establishing risk disaster recovery plans
When working in the software development security domain, which of the following are tasks that security team members may complete during various phases of the software development lifecycle? Select three answers.
Conducting secure code reviews, Performing penetration testing, Initiating a secure design review
A business experiences an attack. As a result, a major news outlet reports the attack, which creates bad press for the organization. What type of consequence does this scenario describe?
Damage to reputation
Which of the following activities may be part of establishing security controls? Select three answers.
Evaulate whether current controls help achieve business goals, Collect and analyze security data regularly, Implement multi-factor authentication
Which of the following examples are key focus areas of the security and risk management domain? Select three answers.
Follow legal regulations, Maintain business continuity, Mitigate risk
A security analyst ensures that employees are able to review only the data they need to do their jobs. Which security domains does this scenario relate to?
Identity and access management
Which of the following examples are key focus areas of the security and risk management domain? Select three answers.
Mitigate risk, Be in compliance, Define security goals and objectives
Fill in the blank: According to the concept of shared responsibility, employees can help lower risk to physical and virtual security by _________. Select two answers
Recognizing and reporting security concerns, taking an active role
Fill in the blank: Security posture refers to an organization's ability to react to ______ and manage its defense of critical assets and data
change