Written by students who passed Immediately available after payment Read online or as PDF Wrong document? Swap it for free 4.6 TrustPilot
logo-home
Exam (elaborations)

CEN4078 Secure Software Development Exam Questions (200 Questions) – SDLC, Threat Modeling, DevSecOps

Rating
-
Sold
-
Pages
31
Grade
A+
Uploaded on
17-02-2026
Written in
2025/2026

This document contains 200 exam-style questions and verified answers for CEN4078 Secure Software Development, covering the complete scope of the course curriculum. It addresses core domains such as security requirements engineering, threat modeling, attack surface analysis, vulnerability assessment, penetration testing, SDLC process models, DevSecOps practices, Agile principles, secure architecture design, UML modeling, and incident response planning. The content is structured in a comprehensive question-and-answer format, including true/false, multiple-choice, applied concept explanations, framework classifications (including the NIST Bugs Framework), and structured security definitions. Major topics include confidentiality, integrity, availability, authentication, authorization, session management, configuration management, secure defaults, defense in depth, least privilege, vulnerability scanning, static and dynamic analysis, network auditing, cloud computing, distributed computing, COTS risks, and software process models such as Waterfall, Incremental, Evolutionary, Concurrent, Component-Based, and Formal Methods. The material is closely aligned with Software Engineering: A Practitioner’s Approach by Roger S. Pressman and Bruce R. Maxim, particularly in its treatment of SDLC frameworks, development methodologies, and process models, while also incorporating secure software engineering principles typically covered in advanced security-focused software development courses. This document is relevant for students enrolled in: CEN4078 Secure Software Development Software Engineering Computer Science (Undergraduate or Graduate level) Computer Engineering Information Technology Cybersecurity and Information Assurance programs It is especially useful for students preparing for midterm examinations, final exams, comprehensive course reviews, capstone preparation, or security-integrated software engineering assessments. Keywords: secure software development, security requirements engineering, threat modeling, attack surface analysis, vulnerability scanning, penetration testing, SDLC models, DevSecOps, Agile Manifesto, NIST Bugs Framework, software architecture, UML diagrams, static analysis, dynamic analysis, incident response planning, confidentiality integrity availability, authentication authorization, defense in depth, least privilege, cloud computing, distributed systems, software testing strategies

Show more Read less
Institution
CEN4078
Course
CEN4078

Content preview

CEN4078 2026 Exam Questions
and Answers 100% Guaranteed
Success | Already Rated A+



Primary stakeholders do not have the ability to directly affect the project. -

🧠ANSWER ✔✔False


Ranking requirements is not a simple task. - 🧠ANSWER ✔✔True


What is the deciding factor in the prioritization of requirements? -

🧠ANSWER ✔✔Stakeholders

,Which of these is a baseline security consideration? - 🧠ANSWER

✔✔Confidentiality


Requirements creep is when both competing needs are analyzed and the

best outcome for the project is decided. - 🧠ANSWER ✔✔False


It is typically the exception cases to normal operation that are either not

considered or not adequately planned - 🧠ANSWER ✔✔True


A stockholder is anyone with an interest in the project or any one affected

by the project. - 🧠ANSWER ✔✔False


It is not essential to understand the scope of a project. - 🧠ANSWER

✔✔False


Which of these is NOT a category of the security component of a

requirement specification? - 🧠ANSWER ✔✔Case exception


Which of the following is not a type of requirement for secure system

design? - 🧠ANSWER ✔✔Design requirements


The first incarnation of the requirements for a system are most often done

where - 🧠ANSWER ✔✔On paper

,What is the goal of establishing security requirements early? - 🧠ANSWER

✔✔Consider where compromise is likely to occur.


Which of the following refers to the work that is to be completed? -

🧠ANSWER ✔✔Product Scope


How can you satisfy a stakeholder group with low interest and high power?

- 🧠ANSWER ✔✔Project outcomes


What is the first step in security requirements planning? - 🧠ANSWER

✔✔Formulating Project idea


True or False? You should make changes to the scope as the project

progresses - 🧠ANSWER ✔✔False


Network interactions should follow a stateful pattern to allow traffic

anomalies to be detected. - 🧠ANSWER ✔✔True


There are both functional and nonfunctional security requirements. -

🧠ANSWER ✔✔True


Validation is the process of making sure the right system is being built. -

🧠ANSWER ✔✔True




3
COPYRIGHT©JOSHCLAY 2025/2026. YEAR PUBLISHED 2025. COMPANY REGISTRATION NUMBER: 619652435. TERMS OF USE. PRIVACY
STATEMENT. ALL RIGHTS RESERVED

, Which stakeholder group would be good group for focus groups? -

🧠ANSWER ✔✔High Interest and Low Power


With attention, poor planning can be avoided. - 🧠ANSWER ✔✔True


Secure requirements and security requirements are the same thing. -

🧠ANSWER ✔✔False


After the comprehensive list of requirements is gathered and ranked, what

is the resolution of conflict based on? - 🧠ANSWER ✔✔Business needs


True or False? A consequence of failure is what will happen if the

requirement I not fulfilled during operation. - 🧠ANSWER ✔✔False


A functional requirement is a quality or constraint for the system. -

🧠ANSWER ✔✔False


Which of the following is not a step of the Software Development Life

Cycle? - 🧠ANSWER ✔✔Demonstration


Maintenance is a common step in the Software Development Life Cycle. -

🧠ANSWER ✔✔True

Written for

Institution
CEN4078
Course
CEN4078

Document information

Uploaded on
February 17, 2026
Number of pages
31
Written in
2025/2026
Type
Exam (elaborations)
Contains
Questions & answers

Subjects

$15.99
Get access to the full document:

Wrong document? Swap it for free Within 14 days of purchase and before downloading, you can choose a different document. You can simply spend the amount again.
Written by students who passed
Immediately available after payment
Read online or as PDF


Also available in package deal

Get to know the seller

Seller avatar
Reputation scores are based on the amount of documents a seller has sold for a fee and the reviews they have received for those documents. There are three levels: Bronze, Silver and Gold. The better the reputation, the more your can rely on the quality of the sellers work.
JOSHCLAY West Governors University
Follow You need to be logged in order to follow users or courses
Sold
352
Member since
2 year
Number of followers
15
Documents
19670
Last sold
1 day ago
JOSHCLAY

JOSHCLAY EXAM HUB, WELCOME ALL, HERE YOU WILL FIND ALL DOCUMENTS & PACKAGE DEAL YOU NEED FOR YOUR SCHOOL WORK OFFERED BY SELLER JOSHCLAY

3.5

78 reviews

5
31
4
12
3
15
2
8
1
12

Why students choose Stuvia

Created by fellow students, verified by reviews

Quality you can trust: written by students who passed their tests and reviewed by others who've used these notes.

Didn't get what you expected? Choose another document

No worries! You can instantly pick a different document that better fits what you're looking for.

Pay as you like, start learning right away

No subscription, no commitments. Pay the way you're used to via credit card and download your PDF document instantly.

Student with book image

“Bought, downloaded, and aced it. It really can be that simple.”

Alisha Student

Working on your references?

Create accurate citations in APA, MLA and Harvard with our free citation generator.

Working on your references?

Frequently asked questions