7. Inside a trust boundary, items:
A. Share the same ACL access
B. Share the same privileges, rights, access, and identifiers
C. Share the same user account
D. Are not observable
8. A threat model is validated for all of the following except:
A. Appropriate mitigations are assigned to all threats listed.
B. All security threats are identified.
C. Dependencies have been considered and are documented.
D. The quality of mitigations is adequate.
9. To reduce the risk associated with reusing code, the development team should:
A. Never reuse code, but develop all code via the SDL process
B. Identify and document the risk of reused code
C. Perform testing and validation on reused code in the same fashion as new code
D. Only use code certified for the project