Reading...
Play button
Play button
Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
50 Cards in this Set
- Front
- Back
|
Which of these are valid software configuration items?
a. case tools b. documentation c. executable programs d. test data e. All of the above |
e. All of the above
|
|
|
Which of the following is not considered one of the four important elements that should exist when a configuration management system is developed?
a. component elements b. human elements c. process elements d. validation elements |
d. validation elements
|
|
|
Once a software engineering work product becomes a baseline it cannot be changed again. True or false?
|
False
|
|
|
Which configuration objects would not typically be found in the project database?
a. design specification b. marketing data c. organizational structure description d. test plans e. b and c |
e. b and c
|
|
|
Modern software engineering practice suggests that a software team maintain SCI’s in a project database or repository. True or false?
|
True
|
|
|
A data repository metamodel is used to determine how
a. information is stored in the repository b. well data integrity can be maintained c. easily the existing model can be extended d. all of the above |
d. all of the above
|
|
|
Many data repository requirements are the same as those for a typical database application. True or false?
|
True
|
|
|
The ability to track relationships and changes to configuration objects is one of the most important features of the SCM repository. True or false?
|
True
|
|
|
Which of the following tasks is not part of software configuration management?
a. change control b. reporting c. statistical quality control d. version control |
c. statistical quality control
|
|
|
A basic configuration object is a ________________ created by a software engineer during some phase of the software development process.
a. program data structure b. hardware driver c. unit of information d. all of the above |
c. unit of information
|
|
|
A new _____________ is defined when major changes have been made to one or more configuration objects.
a. entity b. item c. variant d. version |
d. version
|
|
|
Change control is not necessary if a development group is making use of an automated project database tool. True or false?
|
False
|
|
|
When software configuration management is a formal activity, the software configuration audit is conducted by the
a. development team b. quality assurance group c. senior managers d. testing specialists |
b. quality assurance group
|
|
|
The primary purpose of configuration status reporting is to
a. allow revision of project schedule and cost estimates by project managers b. evaluate the performance of software developers and organizations c. make sure that change information is communicated to all affected parties d. none of the above |
c. make sure that change information is communicated to all affected parties
|
|
|
Configuration issues that need to be considered when developing WebApps include:
a. content b. cost c. people d. politics e. a, b, c |
e. a, b, c
|
|
|
WebApp configuration objects can be managed in much the same way as conventional software configuration objects except of:
a. content items b. functional items c. graphic items d. user items |
a. content items
|
|
|
Content management establishes a process by which Web content is rendered on the user’s display screen. True or false?
|
False
|
|
|
Change management for WebApps is best handled in agile manner. True or false?
|
True
|
|
|
One reason that version control is difficult for WebApps is that in an uncontrolled environment, you can have multiple authors making changes to the same files from multiple locations without any realizing it. True or false?
|
True
|
|
|
Requiring developers to check Web configuration items in and out and sending affected stakeholders e-mail messages automatically are good ways to deal with configuration auditing and reporting for WebApps. True or false?
|
True
|
|
|
SCI standards take a formal view and do not address guidelines for applying change management in agile environments. True or false?
|
False
|
|
|
The cleanroom strategy is based on the ________ software process model
a. evolutionary b. incremental c. revolutionary d. spiral |
b. incremental
|
|
|
Which of the following tasks is not part of software configuration management?
a. change control b. reporting c. statistical quality control d. version control |
c. statistical quality control
|
|
|
This box specification describes the architectural design for some system component
a. black box b. clear box c. state box d. white box |
c. state box
|
|
|
The value in terms of the time or cost to recreate a lost system asset
a. threat b. controls c. asset d. exposure |
d. exposure
|
|
|
The cleanroom strategy relies on
a. exhaustive testing b. extensive unit testing of all modules c. tests that exercise the software as it is really used d. white box testing strategies |
c. tests that exercise the software as it is really used
|
|
|
Use of formal program correctness proofs as part of the cleanroom process eliminates the need do any testing for software defects. True or false?
|
False
|
|
|
In cleanroom software engineering a “box” encapsulates some system aspect at a particular level of detail. True or false?
|
True
|
|
|
This box specification describes an abstraction, stimuli, and response
a. black box b. clear box c. state box d. white box |
a. black box
|
|
|
This box specification is closely aligned with procedural design and structured programming
a. black box b. clear box c. state box d. white box |
b. clear box
|
|
|
By using only structured constructs as you create a procedural design, you make the work of proving design correctness much easier. True or false?
|
True
|
|
|
Which of the following is not an advantage of using rigorous correctness verification of each refinement of the clear box design
a. improves performance of code b. produces better code than unit testing c. reduces verification effort d. results in near zero defect levels |
a. improves performance of code
|
|
|
System resources that have value to its stakeholders
a. assets b. reliability c. security d. mechanisms |
a. assets
|
|
|
Statistical use testing relies on probability distributions based on
a. mixture of control structures used in the program b. order in which the module execute c. the way software will actually be used d. user interface design standards |
c. the way software will actually be used
|
|
|
Certification of an increment is complete once it has passed the formal verification process. True or false?
|
False
|
|
|
Which of the following model is part of the cleanroom certification process?
a. component model b. sampling model c. both a and b d. none of the above |
c. both a and b
|
|
|
A data invariant is a set of conditions that are true during the execution of any function. True or false?
|
False
|
|
|
In some formal languages, stored data that the system accesses and alters is called a(n)
a. attribute b. data structure c. state d. variant |
c. state
|
|
|
In formal methods work, an action that reads or writes data to a state is called a(n)
a. actor b. event c. invariant d. operation |
d. operation
|
|
|
What defines the circumstances in which a particular operation is valid?
a. data invariant b. precondition c. postcondition c. state |
b. precondition
|
|
|
A common notational convention in many formal methods is to write the variable with a prime in the postcondition for an operator. True or false?
|
True
|
|
|
Which of these are components of a formal specification language?
a. semantics that define the objects used b. describe system set of relations defining the object rules c. syntax that defines the notation d. all of the above |
d. all of the above
|
|
|
OCL makes use of several specialized mathematical characters. True or false?
|
False
|
|
|
Using formal methods eliminates the need to write natural language commentary in the specification document. True or false?
|
False
|
|
|
Created to avoid the attacks and to mitigate their damage
a. threat b. controls c. asset d. exposure |
b. controls
|
|
|
Brings additional confidentiality and trust issues to security because it blurs the line between “trusted inside” and “untrusted outside”
a. Social media b. Cloud computing c. Mobile applications d. Internet of things |
b. Cloud computing
|
|
|
Security metrics should focus on system dependability, trustworthiness and survivability. True or false?
|
True
|
|
|
Which of the following are not among the steps in security risk analysis
a. Identify assets b. Create architectural overview c. Rate threats d. None of the above |
d. None of the above
|
|
|
Threat analysis is the process of determining the conditions or threats that may damage system resources or make then inaccessible to unauthorized access. True or false?
|
True
|
|
|
Security engineering is a prerequisite to system integrity, availability, reliability, and safety. True or false?
|
True
|
