Certified Application Security Engineer – Java (CASE-Java) — Question 6
Which of the following can be derived from abuse cases to elicit security requirements for software system?
Answer options
- A. Misuse cases
- B. Data flow diagram
- C. Use cases
- D. Security use cases
Correct answer: D
Explanation
The correct answer is D because security use cases are specifically designed to address the security aspects derived from abuse cases. Options A and C, while related, do not focus solely on security requirements, and B does not pertain to security requirements at all.