Answer all questions below in a single document, preferably below the corresponding topic.
Responses should be no longer than half a page.
1. Although functionality is the first concern when developing software, adding security into the
mix before the project starts and then integrating it into every step of the development process
would be highly beneficial. Although many companies do not view this as the most beneficial
approach to software development, they are becoming convinced of it over time as more
security patches and fixes must be developed and released, and as their customers continually
demand more secure products. Explain the best secure software development life cycle
(SSDLC) methodology.
2. Software development is a complex task, especially as technology changes at the speed of
light, environments evolve, and more expectations are placed upon vendors who wish to be the
“king of the mountain” within the software market.
This complexity also makes implementing effective security more challenging. For years,
programmers and developers did not need to consider security issues within their code, but this
trend is changing. Education, experience, awareness, enforcement, and the demands of the
consumers are all necessary pieces to bring more secure practices and technologies to the
program code we all use. Given this environment, what suggestions do you have to keep our
SDLC secure and mature?
3. Explain the best security practices in patch management and configuration management for
avoiding software security issues.