CCT 065: Mastering Software Development Methodologies - CISSP Exam Questions (CISSP Domain 8.1)

Ready to turbocharge your cybersecurity prowess? Then buckle up for a thrilling journey through the maze of software development methodologies - Agile, Waterfall, DevOps, Scrum, and Kanban. I, your tour guide Sean Gerber, will dissect each methodology, spotlighting their unique principles, benefits, and potential pitfalls. Get set to grasp the iterative pulse of Agile, the rigid skeleton of the Waterfall model, and the risk-focused heart of the Spiral model. 

We're not just about theory - we're about practical insights too. So, listen in as we traverse the symbiotic evolution of software and business documents in Agile, and the art of limiting work-in-progress in Kanban. We're spicing things up with a sprinkle of CISSP exam questions to ensure you're armed and ready for your certification. Embrace the principles of DevOps, the merits of Scrum over traditional methods and the core attributes of the Spiral model. This is a must-listen for anyone eager to elevate their understanding of software development methodologies and skyrocket their cybersecurity career!

Gain access to 30 FREE CISSP Exam Questions each and every month by going to FreeCISSPQuestions.com and sign-up to join the team for Free. 

Welcome to the CISSP Cyber Training Podcast, where we provide you the training and tools you need to pass the CISSP exam the first time. Hi, my name is Sean Gerber and I'm your host for this action-packed, informative podcast. Join me each week as I provide the information you need to pass the CISSP exam and grow your cybersecurity knowledge. All right, let's get started. Okay, hey, all it's Sean Gerber with CISSP Cyber Training and today is exam question Thursday. So it's awesome, exam question Thursday. You gotta love it. So we are going to talk about today different, various exam questions that you might be able to see, and we are going to focus on the domain eight. We're going to get into software development methodologies, the can bans, the agile's and all of those aspects that we're going to kind of go through some CISSP questions so that you are properly prepared for the CISSP exam. All right, so you, all these questions we are going to are available to you on CISSP Cyber Training. You sign up for the team for the community. You can have access to every one of these questions that are in the community. You also can have access to the videos that are associated with this, because I am recording a video as I record this podcast, so it is available for you at that time as well. So let's get into question one which development methodology is iterative and focuses on customer feedback and incremental improvements? A waterfall, b agile, c spiral or D Kanban? Okay again, which development methodology is iterative and focuses on customer feedback and incremental improvements? And the answer is B agile. Agile is an iterative development methodology designed to build products that satisfy the customer through the entire continuous feedback and improvements. If you listen to my podcast that came out just on Monday, we talk about each and every one of these. The goal is is that when I talk about a have a podcast, I have some CISSP questions that go over that specific one as well. Question two which of the development process is the system design frozen, typically not allowing for any changes midway through the project? A waterfall, B agile, c scrum or D Kanban? And the answer is A waterfall. The waterfall model is designed to be frozen or you basically can't go back and make iterative changes in the design phase. So once the design phase is done, then changes cannot be easily accommodated or you may end up having a bunch of waste. So you want to avoid that. Question number three which of the following is a core principle of dev ops. Okay, a extend the development phases. B separation of developers and operators. C reduced deployment frequency. D continuous integration, continuous delivery. I always end up goofing that up and calling continuous development, but it's continuous delivery. So CICD pipelines typically what they are. So if you hear the term CICD pipeline, that is typically a core principle of dev ops and so that it's used to dev ops is basically aim is to shorten the system's development lifecycle and provide continuous delivery with high software quality. Again, cicd is a primary principle of dev ops. You'll see that if you're doing incorporating security, you'll see dev sec ops, dev sec ops. Yeah, sec dev ops I can never remember the one, but you'll basically see that If it's sec is security SEC, which is the primary benefit of the spiral model in software development. A fast delivery in a complete software package. B strict phase completion before the next phase begins. So you're completing the phase and you can't start. C is early identification and mitigation of risks or D exclusion of users from the software development process. And the answer is C. One thing you learn from our podcast we talked about is early identification and mitigation of risks. The spiral model is designed to manage and mitigate risks early in the development process. Question five what is the advantage of scrum over traditional development methods? A it's complete upfront project planning. B it's flexibility to change during the project. C it's got a strong emphasis on formal documentation. Or D, long phases of development before testing. Okay, so what is an advantage of Scrum over traditional development methods? And the answer is B flexibility to change during the project. Like we mentioned before, scrum allows for flexibility in changes throughout the project based on the lessons learned and the changing requirements. Next question which development methodology emphasizes on limiting work in progress? Okay, so when you're focusing on, you can't have a lot of work that's going on in progress as you're trying to make that happen. A is Scrum, b is Agile, c is Waterfall or D is Kanban. So again, which development methodology emphasizes on limiting work in progress? And the answer is D Kanban. Kanban focuses on visualizing workflows, limiting work in progress and maximizing efficiency or the flow. Like we talked about in the podcast. You have basically various blocks and you have those blocks will help you. You have various blocks which will help you in this overall process and their visual block. Next question which model do the software and business documentations evolve together? A is Agile, b is Waterfall, c is Spiral, d is Kanban. Again, which model of the software and the business documentation evolve together? And the answer is A. Agile methodology is both the software and the associated documentation evolve together through an iterative and incremental development process. Question H which of the following is not a characteristic of the Spiral model? A Risk Driven, b Early Software Releases. C Repeated Reassessments of the Project Risks or D Sequential Phases? And the answer is D. The first three are all tied to the Spiral method. The Sequential Phases is more of a waterfall method. The Spiral model doesn't strictly follow any Sequential Phases. It's more iterative and it focuses on risk. Key term there it's focusing on risk. What does DevOps aim to achieve? A create silos between teams. B discouraging cross-dark departmental collaboration. C reducing time to market through automation and collaboration. Or D minimizing software delivery. So if you listen, if you read all three of all four of those, it's pretty obvious which one it is. It's C, right. But also know that DevOps is designed to be fast, it's meant to be agile, it's meant to be quick. So reducing the time to market is through automation and collaboration is the answer for what DevOps aims to achieve. And this is done to be shortened in your development lifecycle and deliver high-quality software quickly through enhanced collaboration and automation. Question 10, what is the one advantage of using waterfall method? A it's easy to understand and manage due to rigid structure. B it's got a high degree of flexibility to accommodate changes. C it's got an iterative development and constant feedback. Or D it's high risk and uncertainty of handling. So the answer is the waterfall is easy to understand and manage due to rigid structure. Again, it's very rigid. It's very linear. The waterfall model is easy to understand and manage on each phase, specific deliverables and a review process. Question 11, which model is not well suited? Again, not for small projects with clear requirements. A is waterfall, b scrum, c, agile, d spiral, like we talked about in the podcast, spiral is not suited for small projects. It's designed for large, complex, high-risk projects. So the answer is D these small projects with clear requirements don't work well and they be better with waterfall or agile. Next question which of the following is a lean method emphasizing workflow, virtual visualization? Again, workflow visualization. What is one that deals with visualization? A is agile, b is Kanban, c is waterfall, d is scrum. Again, the answer would be B. When you're dealing with visualizations, kanban is a method which is using a visual board or physical or digital, that represents the workflow. You think of those key terms when you're taking the test. Which model combines elements of both design and prototyping in stages in an effort to combine advantages of top-down and bottom-up concepts? Again, which model combines elements of both design and prototyping in stages in an effort to combine advantages of top-down and bottom-up concepts? A spiral, b agile, c waterfall or D Kanban? And the answer is A spiral Spiral combines element of both design and prototyping in stages and aims to leverage advantages of both top-down and bottom-up concepts. What does the term sprint refer to in a scrum? A the final phase of a project. B the process of catching software bugs. C a set of period during a set period during a specific work that has to be completed and made ready to review. Or. D a meeting where developers discuss what went wrong in the project. So what does the term sprint refer to in a scrum? It's a set period. It's C a set period during a specific work that has to be completed and made ready for review. This set period is designed specifically and this is usually typically from two to four weeks. Two weeks is typically where I've seen, four weeks can get a little long. During this time, the specific work must be completed and ready for review. Next question In the DevOps philosophy, what is the main purpose of infrastructure as code? Aha, new term Infrastructure as code. I've seen this a lot lately. A it's a technique used to delay software integration until the end of the project. B it aims to manage servers and other infrastructure through automated scripts. C it's a manual approach to infrastructure management. Or D it aims to handle infrastructure alongside software without automated tools. So again, look at the term information or infrastructure as code. What does that mean? Well, typically code is in scripts, right? So the answer is B it's to manage servers and other infrastructure through automated scripts. So the key thing around information as code is a practice that involves managing and provisioning computer data centers through machine readable definition files rather than manual processes. Again, that's just kind of think about that. Which of the following characteristics of agile development frameworks are correct? Okay, this is choose two, one of these fun questions. This came from feedback from some of my students of going do you have one that you can do? Choose two. And that's a good question, because we do so now. This is where it gets really wonky. Now keep in mind, on the CISSP exam they don't have a lot of these, but they will have them where you have to pick multiples. So which of the following characteristics of agile development framework are correct Emphasize documentation, detailed planning. B prioritize customer feedback and continuous integration. C typically employ sequential design processes. C or D embrace change and flexibility through development. Or D involves risk analysis and prototyping at every cycle. So this is kind of hard to just hear on the podcast, but when it comes right down to it is is that of the characteristics in agile development, which ones are correct? And it is B and D Prioritize customer feedback and continuous iteration. And then D is embrace change and flexibility through development. So again, you gotta just know what agile will do. It's flexible, it's short, and if you do that, it will help you with the final, with the question. Next question the software development framework is risk analysis most emphasize. Again, we talked about risk analysis and that is spiral. So the A is waterfall, b is agile, c is V model or D is spiral. And again, spiral is heavily focused on risk analysis. Which development framework relies on iterative development and focuses heavily on user involvement through its cycles. So now this is an interesting one. I guess this is one we didn't talk about in the podcast, but this is something you may have to know. So, again, the development framework relies heavily on iterative development and focuses heavily on user involvement through its life cycles. A is waterfall, b is V model, c is rad, that's Romeo, alpha, delta, rapid application development. Or C is or D is spiral. Well, in this case, again, rapid development, iterative development it's rad, that's rapid application development is correct because it emphasizes on rapid prototyping and user feedback through the process. Which of the following is a primary difference between waterfall and agile methodologies? A waterfall's iterative, while agile is not. B agile prioritized documentation over collaboration. C waterfall completes all designs before any coding begins. Or D agile typically employs strict sequence of project phases. The answer is C waterfall completes all design before any coding begins. That one is correct. That's the primary difference between the two. Last question which development methodologies are primarily structured around processing from one phase to the next only after the previous phase is completed and requirements are well-defined? A is waterfall, b is agile, C is spiral, d is iterative. So which development methodologies are primarily structured around processing from one phase to the next only after the previous phase is completed and requirements are well-defined from the onset, and the answer is A waterfall, is a linear, sequential approach which you have to move from one phase to the next, and is best suited for projects that have well-defined requirements from the beginning. All right, that's all I have for you today on the CISSP Cyber Training. Hope you all have a wonderful day. Go check it out at cisspcybertrainingcom. You can go check out my free questions CISSP questions at freecisspquestionscom, and you can sign up and get 30 free CISSP questions each and every month. All right, I hope you have a wonderful day and we will catch you on the flip side, see ya.