- What is a security flaw? Explain with an example
- What are the considerations for maintaining information security? Explain with an example for each consideration
- What are functional requirements and non-functional requirements? What are the characteristics of non-functional requirements? Explain with an example for each characteristic
- What is the software development life cycle (SDLC)? Explain the SDLC's 5 phases and their corresponding tasks with examples
- When are security measures considered in the SDLC? Why do security experts apply security measures during the SDLC? Explain with an example
- Describe Security Perimeter and Attack Surface with an example
- Describe the best practice "Apply Defense in Depth" with an example
- What are the differences between using a positive security model and a negative security model?
- What is security by obscurity and why should it be avoided? Explain with an example
- What is misuse case modeling in the textbook? Explain with an example
- Write an example of threat modeling. Also, what is risk analysis and consideration?
- What is Cross-Site Scripting (CWE-79)? Provide an example of cross-site scripting
- What is an embedded system, and why is a security breach in an embedded system critical (explain with an example)? What bad assumptions do developers come up with?
- Explain the 7 key security risks for cloud applications by Gartner Group, with an example for each risk
- Mobile applications are a growing platform in software development. Explain 3 possible attacks and mitigation measures for mobile applications.