
74. Which of the following identifies required functionality to protect against or mitigate failure of the application software?

a. Software safety analysis

b. Software hazard analysis

c. Software fault tree analysis

d. Software sneak circuit analysis

74. a. Software needs to be developed using specific software development and software assurance processes to protect against or mitigate failure of the software. A complete software safety standard references other standards that address these mechanisms and includes a software safety policy identifying required functionality to protect against or mitigate failure.

Software hazard analysis is incorrect because it is a part of software safety. Hazard analysis is the process of identifying and evaluating the hazards of a system, and then making change recommendations that either eliminate the hazard or reduce its risk to an acceptable level. Software hazard analysis makes recommendations to eliminate or control software hazards and hazards related to interfaces between the software and the system (includes hardware and human components). It includes analyzing the requirements, design, code, user interfaces, and changes. Software hazards may occur if the software is improperly developed (designed), the software dispatches incorrect information, or the software fails to transmit information when it should.

Software fault tree analysis is incorrect because its purpose is to demonstrate that the software will not cause a system to reach an unsafe state, and to discover what environmental conditions will allow the system to reach an unsafe state. Software fault tree analysis is often conducted on the program code but can also be applied at other stages of the life cycle process (for example, requirements and design). This analysis is not always applied to all the program code, only to the portion that is safety critical.

Software sneak circuit analysis is incorrect because it is based on sneak circuit analysis, which is used to evaluate electrical circuitry—hence the name software sneak circuit analysis. Sneaks are latent design conditions or design flaws that have inadvertently been incorporated into electrical, software, and integrated system designs. They are not caused by component failure.

75. Which of the following provides an assessment of software design quality?

a. Trace system requirements specifications to system requirements in requirements definition documentation.

b. Trace design specifications to system requirements and system requirements specifications to design.

c. Trace source code to design specifications and design specifications to source code.

d. Trace system test cases and test data designs to system requirements.

75. b. The goal is to identify requirements with no design elements (under-design) and design elements with no requirements (over-design). It is too early to assess software design quality during system requirements definition. It is too late to assess software design quality during coding, where the goal is instead to identify design elements with no source code and source code with no design elements. It is too late to assess software design quality during testing.

76. When executed incorrectly, which of the following nonlocal maintenance and diagnostic activities can expose an organization to potential risks?

a. Using strong authenticators

b. Separating the maintenance sessions from other network sessions

c. Performing remote disconnect verification feature

d. Using physically separated communications paths

76. c. An organization should employ a remote disconnect verification feature at the termination of nonlocal maintenance and diagnostic sessions. If this verification is skipped or performed incorrectly, it can increase the potential risk of introducing malicious software or intrusions due to open ports and protocols. The other three choices do not increase risk exposure. Nonlocal maintenance work is conducted through either an external network (mostly through the Internet) or an internal network.

77. Which of the following factors is an important consideration during an application system design and development project?

a. Software safety

b. Completing the project on schedule

c. Spending less than budgeted

d. Documenting all critical work

77. a. Software safety is more important than the other three choices because a lack of safety considerations in a computer-based application system can cause danger or injury to people and damage to equipment and property.

78. A software product has the least impact on:

a. Loss of life

b. Loss of property

c. Loss of physical attributes

d. Loss of quality

78. c. Software is an intangible item with no physical attributes such as color and size. Although software is not a physical product, software products have a major impact on life, health, property, safety, and quality of life. Failure of software can have a serious economic impact such as loss of sales, revenues, and profits.

79. A dangerous misconception about software quality is that:

a. It can be inspected after the system is developed.

b. It can be improved by establishing a formal quality assurance function.

c. It can be improved by establishing a quality assurance library in the system.

d. It is tantamount to testing the software.

79. a. Quality should be designed in at the beginning of the software development and maintenance process. Quality cannot be inspected or tested in after the system is developed. Many people view final testing as quality testing. At best, this is quality control instead of quality assurance, hopefully preventing shipment of a defective product. Quality in the process needs to be improved, and quality assurance is a positive function.

A software product displays quality to the extent that all aspects of the customer’s requirements are satisfied. This means that quality is built into the product during its development process rather than inspected at the end. It is too late to inspect the quality when the product is already built. Most assurance is provided when the needs are fully understood, captured, and transformed (designed) into a software product.

80. From a security risk viewpoint, the job duties of which one of the following should be fully separated from the others?

a. System administrator

b. Security administrator

c. Computer operator

d. System programmer

80. c. Separation of duties is a security principle that divides critical functions among different employees in an attempt to ensure that no one employee has enough information or access privileges to perpetrate damaging fraud or conduct other irregularities such as damaging data and/or programs.

The computer operator’s job duties should be fully and clearly separated from the others. Because risk is concentrated in this one job, if the computer operator’s duties are not fully separated from other conflicting job duties (for example, system administrator, security administrator, or system programmer), there is a potential risk that the operator can issue privileged commands from the console to the operating system, thus damaging the integrity of the system and its data. In other words, the operator has full access to the computer in terms of running the operating system, application systems, special programs, and utility programs, whereas the others do not have such full access. It is good to limit the computer operator’s access to systems and their documentation, which would otherwise help the operator understand the inner workings of the systems running on the computer. At the same time, it is good to limit the others’ access to the computer systems to just enough to do their limited job duties.