SDL Compliance & Governance in SDLC

Question 1

What is the purpose of compliance in the SDLC process?

Accepted Answer

To ensure adherence to laws and policies

Answer

To speed up deployment.

Answer

To increase project cost.

Answer

To ignore security requirements.

Question 2

Which framework is often used for IT governance?

Accepted Answer

COBIT

Answer

ITIL.

Answer

SCRUM.

Answer

Kanban.

Question 3

Why is audit important in SDLC governance?

Accepted Answer

To verify compliance and identify risks

Answer

To speed up coding.

Answer

To reduce documentation.

Answer

To increase software features.

Question 4

What is a key governance activity in SDLC?

Accepted Answer

Establishing policies and standards

Answer

Ignoring documentation.

Answer

Skipping testing.

Answer

Avoiding audits.

Question 5

How does compliance affect software security?

Accepted Answer

It enforces security measures

Answer

It weakens security.

Answer

It increases vulnerabilities.

Answer

It slows development unnecessarily.

Question 6

What role does documentation play in governance?

Accepted Answer

It ensures traceability and consistency

Answer

It confuses teams.

Answer

It wastes resources.

Answer

It delays approvals.

Question 7

Which regulation commonly impacts software development?

Accepted Answer

GDPR

Answer

HIPAA.

Answer

SOX.

Answer

PCI-DSS.

Question 8

What is policy enforcement in governance?

Accepted Answer

Monitoring and enforcing policies

Answer

Ignoring policy breaches.

Answer

Allowing exceptions without review.

Answer

Delaying decisions.

Question 9

How does governance contribute to project success?

Accepted Answer

By aligning projects with goals and managing risks

Answer

By increasing project costs.

Answer

By reducing communication.

Answer

By ignoring compliance.