CISSP Official Practice Tests by Mike Chapple, David Seidl


Chapter 8 ■ Software Development Security (Domain 8)



  1. When using the SDLC, which one of these steps should you take before the others?


A. Functional requirements determination
B. Control specifications development
C. Code review
D. Design review


  1. Jaime is a technical support analyst and is asked to visit a user whose computer is displaying
    the error message shown here. What state has this computer entered?


A. Fail open
B. Irrecoverable error
C. Memory exhaustion
D. Fail secure


  1. Which one of the following is not a goal of software threat modeling?


A. To reduce the number of security-related design flaws
B. To reduce the number of security-related coding flaws
C. To reduce the severity of non-security-related flaws
D. To reduce the number of threat vectors