ISTQB Security Testing - Mock Tests 1 Questions

ISTQB Security Testing Certification


1. The primary role of security risk assessment is to:

• understand which tests and environment may be at risk, and to determine the magnitude of each risk

• understand which personal devices may be at risk, and to determine the magnitude of each risk

• understand which financial assets may be at risk, and to determine the magnitude of each risk

• understand which areas and assets may be at risk, and to determine the magnitude of each risk


2. Which guideline contains a security risk assessment methodology?

• NIST 700-30

• NIST 800-30

• NIST 900-30

• NIST 1000-30


3. As per NIST 800-30, communicating and sharing information includes ____

• Share information developed in the execution of the risk assessment to support other risk management activities

• Share information developed in the execution of the test cases to support other test management activities


4. As per NIST 800-30, conducting risk assessments includes ____

• Determine the likelihood that the identified threat destinations would initiate specific threat events and the likelihood that the threat events would be successful

• Determine the likelihood that the identified code issues would initiate specific threat events and the likelihood that the threat events would be successful

• Determine the likelihood that the identified threat sources would initiate specific threat events and the likelihood that the threat events would be successful

• Determine the likelihood that the identified defect sources would initiate specific threat events and the likelihood that the threat events would be successful


5. As per NIST 800-30, preparing risk assessments includes ____

• Identify the scope of the preparation

• Identify the scope of the examination

• Identify the scope of the test cases

• Identify the scope of the assessment


6. Which assets are valuable to the organization?

• Business plans

• Floor plans

• Car parking plans

• Tour plans


7. How are the digital assets secured?

• Authentication and tokens

• Virtual tokens

• Gate tokens

• Reserve security and tokens


8. Security testing differs from other forms of functional testing in two significant areas. TRUE or FALSE

• TRUE

• FALSE


9. Standard techniques for selecting test input data include security issues. TRUE or FALSE

• TRUE

• FALSE


10. The symptoms of security defects are very similar to those found with other types of functional testing. TRUE or FALSE

• TRUE

• FALSE
