ISTQB Security Testing - Mock Tests 1 Questions
ISTQB Security Testing Certification
1. The primary role of a security risk assessment is to:
• understand which tests and environment may be at risk, and to determine the magnitude of each risk
• understand which personal devices may be at risk, and to determine the magnitude of each risk
• understand which financial assets may be at risk, and to determine the magnitude of each risk
• understand which areas and assets may be at risk, and to determine the magnitude of each risk
2. Which guideline contains a security risk assessment methodology?
• NIST 700-30
• NIST 800-30
• NIST 900-30
• NIST 1000-30
3. As per NIST 800-30, communicating and sharing information includes ____
• Share information developed in the execution of the risk assessment to support other risk management activities
• Share information developed in the execution of the test cases to support other test management activities
4. As per NIST 800-30, conducting risk assessments includes ____
• Determine the likelihood that the identified threat destinations would initiate specific threat events and the likelihood that the threat events would be successful
• Determine the likelihood that the identified code issues would initiate specific threat events and the likelihood that the threat events would be successful
• Determine the likelihood that the identified threat sources would initiate specific threat events and the likelihood that the threat events would be successful
• Determine the likelihood that the identified defect sources would initiate specific threat events and the likelihood that the threat events would be successful
5. As per NIST 800-30, preparing risk assessments includes ____
• Identify the scope of the preparation
• Identify the scope of the examination
• Identify the scope of the test cases
• Identify the scope of the assessment
6. Which assets are valuable to the organization?
• Business plans
• Floor plans
• Car parking plans
• Tour plans
7. How are digital assets secured?
• Authentication and tokens
• Virtual tokens
• Gate tokens
• Reserve security and tokens
8. Security testing differs from other forms of functional testing in two significant areas. TRUE or FALSE
• TRUE
• FALSE
9. Standard techniques for selecting test input data include security issues. TRUE or FALSE
• TRUE
• FALSE
10. The symptoms of security defects are very similar to those found with other types of functional testing. TRUE or FALSE
• TRUE
• FALSE