Save
Upgrade to remove ads
Busy. Please wait.
Log in with Clever
or
show password
Forgot Password?
Don't have an account?  Sign up 
Sign up using Clever
or
Username is available taken
show password


Make sure to remember your password. If you forget it there is no way for StudyStack to send you a reset link. You would need to create a new account. Your email address is only used to allow you to reset your password. See our Privacy Policy and Terms of Service.

Already a StudyStack user? Log In

Reset Password
Enter the associated with your account, and we'll email you a link to reset your password.
focusNode
Didn't know it?
click below
 
Knew it?
click below
Don't Know
Remaining cards (0)
Know
0:00
edit
Embed Code - If you would like this activity on your web page, copy the script below and paste it into your web page.

  Normal Size     Small Size show me how

Computer Security-21

Chapter 21

QuestionAnswer
The________ is the body that provides oversight to the change management process. Change control board
____________________, also known as ____________________, is a standard methodology for performing and recording changes during software developmentand operation. Change management/configuration management.
____________ is the process of assigning responsibilities to different individuals such that no single individual can commit fraudulent or malicious actions. Separation of duties
Procedures for tracking and maintaining data relative to each configuration item in the baseline are ____________________. Configuration Status Accounting.
A __________ describes a system as it is built and functioning at a point in time. Baseline
A structured methodology that provides an evolutionary path from ad‐hoc processes to disciplined software management is the ____________________. Capability Maturity Model (CMM).
The process of verifying that configuration items are built and maintained according to requirements standards or contractual agreements is____________ Configuration auditing
The document used by the change control board to track changes to software is called a ____________________. Software Problem Report.
When you identify which assets need to be managed and controlled, you are performing_____________ Configuration identification
____________________ is the process of controlling changes to items which havebeen baselined. Configuration Control.
The original developer of the web-based system has left the company and the new developer assigned has been unable to find the latest source code for that system. This type of problem could have been prevented by_________ Proper change management procedures over the source code.
Why should developers and testers avoid using “live” production data to perform various testing activities? The use of “live” production data can jeopardize the confidentiality andintegrity of the production data.
Software change management procedures are established to______________ Add structure and control to the development of software systems.
Which of the following correctly defines the principle of least privilege? Users have no more privileges than are necessary to perform their jobs.
Which of the following is NOT a principle of segregation of duties? Software development, testing, quality assurance, and production should be assigned to the same individuals.
Configuration auditing consists of… The process of verifying that the configuration items are built and maintained properly.
Why should any users not be given access to program source codes? It could allow an end user to execute the source code.
Which position is responsible for modifying code in the system? Developer
Configuration control consist of...... The process of controlling changes to items that have been baselined.
Configuration identification consists of… The process of identifying which assets need to be managed and controlled.
Which position is responsible for approving the movement of executable codes to the production system Manager
The purpose of a change control board (CCB) is to… Facilitate management oversight and better project coordination.
Which computer security technology is used to ensure the integrity of executable code? Host-based intrusion detection systems
In the Software Engineering Institute’s Capability Maturity Model (CMM), which of the following correctly defines Level 1, Initial? The software process is ad hoc.
In the software engineering Institute's Capability Maturity Model (CMM) which of the following correctly defines level 5 optimizing? Key business procedures and the supporting software are continuously improved based on measurements and testing the ideas.
In the software engineering Institute's Capability Maturity Model (CMM) which of the following correctly defines level 5 optimizing? Key business procedures and the supporting software are continuously improved based on measurements and testing the ideas.
Created by: ryanparnelltcc1
 

 



Voices

Use these flashcards to help memorize information. Look at the large card and try to recall what is on the other side. Then click the card to flip it. If you knew the answer, click the green Know box. Otherwise, click the red Don't know box.

When you've placed seven or more cards in the Don't know box, click "retry" to try those cards again.

If you've accidentally put the card in the wrong box, just click on the card to take it out of the box.

You can also use your keyboard to move the cards as follows:

If you are logged in to your account, this website will remember which cards you know and don't know so that they are in the same box the next time you log in.

When you need a break, try one of the other activities listed below the flashcards like Matching, Snowman, or Hungry Bug. Although it may feel like you're playing a game, your brain is still making more connections with the information to help you out.

To see how well you know the information, try the Quiz or Test activity.

Pass complete!
"Know" box contains:
Time elapsed:
Retries:
restart all cards