Test 2

DKEAD category high risk rating based on the threat exploits potential level of harm?. Damage Potential. Reporductability. Affected Users. Exploitability.

Security Team is confident that developers can fix the flaws in the first post-release patch. Not passed but does not require Escalation. Not passed and Requires Escalation. Passed with exceptions. Passed.

Deployed to a pre-production environment so that analysis may verify that the product is working as expected. Which phase of the SDLC is being described?. Requirements. Design. Testing. Deployment.

Base score of the vulnerability was 3.5 and changed to 5.9 after adjusting temporal and environmental metrics. Critical Severity. High Severity. Low Severity. Medium Severity.

Contracted with an outside firm to simulate an attack on the new software product. Which activity SDL phase is being performed?. Penetration Testing. Policy Compliance Analysis. Open-source licensing review. Final security Review.

Reviewing all noncommercial libraries used in the new product to ensure they are being used according to the legal specifications defined by the authors. What activity of the ship SDL phase is being performed?. Policy compliance Analysis. Open-source licensing review. Penetration Testing. Final Security Review.

Injecting malformed data into open interfaces of an executable or running application and is most commonly executed during the testing or deployment phases of the SDLC?. Static Analysis. Fuzz Testing. Dynamic Analysis. Manual Code Review.

Cloned the source code repository of the new software product so they can perform vulnerability testing by modifying or adding small snippets of code to see if they can cause unexpected behavior and application failure. Source-code Fault Injection. Dynamic Code Analysis. Fuzz Testing. Binary Fault injection.

Product Scope has been determined, teams have been formed, and backlogs have been created. What phase of the SDLC is being described?. Deployment. Design. Implementation. Requirements.