module 4.2
The software development process that depends on feedback (such as regular testing), rather than planning, as its primary control mechanism is called __________.
Agile development
Regarding secure software development, Extreme Programming (XP) involves which of the following?
An iterative process
____________ is a life cycle process in which the phases are much smaller than other processes, often taking a day or a week each. Automated testing, coding, design and architecture, and additional testing are performed for each small section of the product before another section is started.
Extreme Programming (XP)
Which of the following is level 1 of the Capability Maturity Model?
Initial
_________________ are simplified representations of an organization's capability for continuous improvement in a particular discipline.
Maturity Models
Lean Software Development model focuses on ________________________.
Minimizing risk and waste while maximizing value to the customers
What are the characteristics of the Spiral Framework?
NOT A combination of the linear waterfall approach with an iterative method., NOT Reacts to feedback from the customers/users and their changing needs.
Which of the following is NOT a phase of the waterfall model?
NOT Basic Design, NOT Maintenance
In Microsoft's Security Development Lifecycle Model, the ________ phase is the point at which the software is functionally complete and enters user beta testing. This is where the product team conducts a "security push" that includes security code reviews beyond those previously completed as well as focused security testing.
NOT Beta analysis, NOT implementation
During the _______ phase of Microsoft's Security Development Lifecycle, the product team codes the software.
NOT Design
Microsoft's lifecycle model modifies the standard software development process by integrating measures that lead to improved software ________.
NOT Functionality
In which phase of the Capability Maturity Model Integration (CMMI), projects are planned, performed, measured, and controlled?
NOT Initial
Microsoft's Security Development Lifecycle process recommends an organized group to drive the development and evolution of security best practices and process improvements, to serve as a source of expertise, and to perform a Final ________ Review before software is released.
NOT Security
Regarding software development, in theory, what does the waterfall model imply?
Once a phase is completed, the process advances to the next phase.
ssdf practices in 4 groups
PO, PS, PW, RV
Which of the following is NOT a phase in Microsoft's Security Development Lifecycle Model?
Requirements, design, implementation, verification, release ARE phases
What is the focus of DeSecOps?
Security
"Extreme Programming" method is known for ________________.
the timeframe of phases being shorter than usual
The main focus of the agile software development is _______________.
what customers want
In Microsoft's Security Development Lifecycle, testing is primarily performed in which two phases?
Implementation and Verification
