Secure Software Development Final

Question

The PRIMARY reason for incorporating security into the software development life cycle is to protect

Answer 1

the unauthorized disclosure of information.

Answer 2

the corporate brand and reputation

Answer 3

against hackers who intend to misuse the software.

Answer 4

the developers from releasing software with security defects.

Answer 5

Confidentiality.

Answer 6

Integrity.

Answer 7

Availability.

Answer 8

Authorization.

Answer 9

software issues can cause downtime to the business.

Answer 10

developers need to be trained in the business continuity procedures.

Answer 11

testing for availability of the software and data is often ignored.

Answer 12

hackers like to conduct Denial of Service (DoS) attacks against the organization.

Answer 13

Confidentiality.

Answer 14

Integrity.

Answer 15

Availability.

Answer 16

Authentication.

Answer 17

Ownership based authentication.

Answer 18

Two factor authentication.

Answer 19

Characteristic based authentication.

Answer 20

Knowledge based authentication.

Answer 21

Separation of Duties.

Answer 22

Defense in depth.

Answer 23

Complete mediation.

Answer 24

Open design.

Answer 25

providing evidentiary information.

Answer 26

assuring that the user cannot deny their actions.

Answer 27

detecting the actions that were undertaken.

Answer 28

preventing a user from performing some unauthorized operations.

Answer 29

Clipping level.

Answer 30

Known Error.

Answer 31

Minimum Security Baseline.

Answer 32

Maximum Tolerable Downtime.

Answer 33

defense in depth.

Answer 34

economy of mechanisms.

Answer 35

fail secure

Answer 36

psychological acceptability

Answer 37

avoidance.

Answer 38

mitigation.

Answer 39

transference.

Answer 40

acceptance.

Answer 41

guideline.

Answer 42

provide metrics for measuring the software and its behavior, and using the software in a specific context of use.

Answer 43

evaluate security engineering practices and organizational management processes.

Answer 44

support accreditation and certification bodies that audit and certify information security management systems.

Answer 45

ensure that the claimed identity of personnel are appropriately verified.

Answer 46

Capability Maturity Model Integration (CMMI)

Answer 47

Sherwood Applied Business Security Architecture (SABSA)

Answer 48

Control Objectives for Information and related Technology (COBIT®)

Answer 49

Zachman Framework

Answer 50

Service Level Agreements (SLAs).

Answer 51

Intellectual Property protection.

Answer 52

Cost of customization.

Answer 53

Review of the code for backdoors and Trojan horses.

Answer 54

Annualized Rate of Occurrence (ARO) x Exposure Factor

Answer 55

Probability x Impact

Answer 56

Asset Value x Exposure Factor

Answer 57

Annualized Rate of Occurrence (ARO) x Asset Value

Answer 58

avoidance.

Answer 59

transference.

Answer 60

mitigation.

Answer 61

acceptance.

Answer 62

ISO/IEC 15408.

Answer 63

NIST SP 800-64.

Answer 64

Security Requirements for Cryptographic Modules (FIPS 140).

Answer 65

Peronal Identity Verification (PIV) of Federal Employees and Contractors (FIPS 201).

Answer 66

Advanced Encryption Standard (FIPS 197).

Answer 67

Digital Signature Standard (FIPS 186).

Answer 68

Computer Emergency Response Team (CERT).

Answer 69

Web Application Security Consortium (WASC).

Answer 70

Open Web Application Security Project (OWASP).

Answer 71

Forums for Incident Response and Security Teams (FIRST)

Answer 72

Sanitization.

Answer 73

Degaussing.

Answer 74

Anonymization.

Answer 75

Formatting.

Answer 76

Technology used in building the application

Answer 77

Goals and objectives of the organization.

Answer 78

Software quality requirements

Answer 79

External auditor requirements

Answer 80

Directory information.

Answer 81

Personally identifiable information (PII).

Answer 82

User’s card holder data.

Answer 83

Software architecture and network diagram

Answer 84

confidentiality requirements.

Answer 85

integrity requirements

Answer 86

availability requirements.

Answer 87

authentication requirements

Answer 88

Maximum Tolerable Downtime (MTD).

Answer 89

Mean Time Before Failure (MTBF).

Answer 90

Minimum Security Baseline (MSB).

Answer 91

Recovery Time Objective (RTO).

Answer 92

biometric authentication.

Answer 93

forms authentication.

Answer 94

digest authentication.

Answer 95

integrated authentication.

Answer 96

Authorization

Answer 97

Authentication.

Answer 98

Availability

Answer 99

Non-discretionary Access Control (NDAC).

Answer 100

Discretionary Access Control (DAC).

Answer 101

Mandatory Access Control (MAC).

Answer 102

Role based Access Control.

Answer 103

authentication requirements.

Answer 104

archiving requirements.

Answer 105

accountability requirements.

Answer 106

authorization requirements.

Answer 107

Improper session management

Answer 108

Lack of auditing

Answer 109

Improper archiving

Answer 110

Lack of encryption

Answer 111

threat modeling.

Answer 112

policy decomposition.

Answer 113

subject-object modeling

Answer 114

misuse case generation.

Answer 115

engage the customer

Answer 116

model information management

Answer 117

identify least privilege applications

Answer 118

conduct threat modeling and analysis

Answer 119

ensuring scope creep does not occur

Answer 120

validating and communicating user requirements

Answer 121

determining resource allocations

Answer 122

identifying privileged code sections

Answer 123

Error detection

Answer 124

Message corruption.

Answer 125

Integrity assurance

Answer 126

Input validation

Answer 127

Threat modeling

Answer 128

Use case modeling

Answer 129

Misuse case modeling

Answer 130

Data modeling

Answer 131

Race conditions

Answer 132

Mis-actors

Answer 133

Attacker’s perspective

Answer 134

Negative requirements

Answer 135

Key Management Lifecycle

Answer 136

Information Lifecycle Management

Answer 137

Configuration Management

Answer 138

Problem Management

Answer 139

Integrity.

Answer 140

Environment.

Answer 141

International.

Answer 142

Procurement.

Answer 143

Service Level Agreements (SLA).

Answer 144

Non-Disclosure Agreements (NDA)

Answer 145

Non-compete Agreements

Answer 146

Project plan.

Answer 147

Reliability

Answer 148

Resiliency.

Answer 149

Recoverability

Answer 150

Redundancy.

Answer 151

Availability.

Answer 152

Authentication.

Answer 153

Authorization.

Answer 154

Accountability.

Answer 155

Non-Disclosure Agreement (NDA).

Answer 156

Corporate Contract.

Answer 157

Service Level Agreements (SLA).

Answer 158

Threat model.

Answer 159

integrity requirements

Answer 160

authorization requirements

Answer 161

confidentiality requirements.

Answer 162

non-repudiation requirements.

Answer 163

Confidentiality.

Answer 164

Integrity.

Answer 165

Availability.

Answer 166

Accountability

Answer 167

Encryption.

Answer 168

Steganography.

Answer 169

Encryption.

Answer 170

Watermarking.

Answer 171

Confidentiality.

Answer 172

Integrity.

Answer 173

Availability

Answer 174

Authentication.

Answer 175

Ensure scope creep does not occur

Answer 176

Validate and communicate user requirements

Answer 177

Determine resource allocations

Answer 178

Identifying privileged code sections

Answer 179

Requirements analysis

Answer 180

Implementation

Answer 181

Deployment

Answer 182

Advanced Encryption Standard (AES)

Answer 183

Steganography

Answer 184

Public Key Infrastructure (PKI)

Answer 185

Lightweight Directory Access Protocol (LDAP)

Answer 186

Speed of cryptographic operations

Answer 187

Confidentiality assurance

Answer 188

Key exchange

Answer 189

Non-repudiation

Answer 190

encryption.

Answer 191

obfuscation.

Answer 192

least privilege.

Answer 193

least common mechanisms.

Answer 194

economy of mechanisms.

Answer 195

separation of duties

Answer 196

increase the security of authentication mechanisms

Answer 197

simplify user authentication.

Answer 198

have the ability to check each access request

Answer 199

allow for interoperability between wireless and wired networks.

Answer 200

Availability

Answer 201

Authorization.

Answer 202

attackers.

Answer 203

business impact.

Answer 204

critical assets

Answer 205

entry points.

Answer 206

Repudiation

Answer 207

Information disclosure

Answer 208

Transport.

Answer 209

Application.

Answer 210

interoperability.

Answer 211

authentication.

Answer 212

authorization.

Answer 213

installation ease.

Answer 214

Software as a Service (SaaS).

Answer 215

Service Oriented Architecture (SOA).

Answer 216

Rich Internet Application (RIA).

Answer 217

Distributed Network Architecture (DNA).

Answer 218

Authorization.

Answer 219

Identification.

Answer 220

Injection.

Answer 221

Inference.

Answer 222

Polyinstantiation.

Answer 223

normalization.

Answer 224

encryption

Answer 225

database views.

Answer 226

security management interfaces.

Answer 227

global files.

Answer 228

exception handling.

Answer 229

Security Assert Markup Language (SAML)

Answer 230

Liberty alliance ID-FF

Answer 231

One Time password (OTP)

Answer 232

Unique session identifier generation and exchange.

Answer 233

Transport Layer Security.

Answer 234

Digital Rights Management (DRM)

Answer 235

Data Loss Prevention,

Answer 236

Data Loss Prevention (DLP).

Answer 237

Software as a Service (SaaS)

Answer 238

Flow control

Answer 239

Digital Rights Management (DRM)

Answer 240

Cross Site Request Forgery (CSRF)

Answer 241

SQL Injection

Answer 242

High Cohesion

Answer 243

Low Cohesion

Answer 244

Tight Coupling

Answer 245

Loose Coupling

Answer 246

Garbage collector

Answer 247

Class Loader

Answer 248

Bytecode Verfier

Answer 249

Java Security Manager

Answer 250

Insecure APIs

Answer 251

Data leakage and/or loss

Answer 252

Abuse of computing resources

Answer 253

Unauthorized access

Answer 254

Ransomware

Answer 255

they were not initially implemented with security in mind

Answer 256

the skills of a hacker has increased significantly

Answer 257

the data that they collect are of top secret classification

Answer 258

the firewalls that are installed in front of these devices have been breached.

Answer 259

create new products

Answer 260

capture market share

Answer 261

solve business problems

Answer 262

mitigate hacker threats

Answer 263

compilation

Answer 264

interpretation

Answer 265

instantiation

Answer 266

Locality of reference

Answer 267

Type safety

Answer 268

Cyclomatic complexity

Answer 269

Parametric polymorphism

Answer 270

natural language

Answer 271

very high-level language (VHLL)

Answer 272

high-level language (HLL)

Answer 273

low-level language

Answer 274

Injection flaws

Answer 275

Cross-Site Scripting (XSS)

Answer 276

Buffer overflow

Answer 277

Man-in-the-Middle (MITM)

Answer 278

Configuration Management.

Answer 279

Session Management.

Answer 280

Patch Management.

Answer 281

Exception Management.

Answer 282

SQL Injection

Answer 283

Cross-Site Scripting (XSS)

Answer 284

Cross-Site Request Forgery (CSRF)

Answer 285

. Insecure cryptographic storage

Answer 286

Data Encryption Standard (DES)

Answer 287

Triple Data Encryption Standard (3DES)

Answer 288

Advanced Encryption Standard (AES)

Answer 289

Data Loss Prevention (DLP)

Answer 290

Internet Protocol Security (IPSec)

Answer 291

Secure Sockets Layer (SSL)

Answer 292

Digital Rights Management (DRM)

Answer 293

Repudiation

Answer 294

Information disclosure

Answer 295

Anti-tampering protection

Answer 296

Authenticity of code origin

Answer 297

Runtime permissions for code

Answer 298

Authentication of users

Answer 299

Distant observation

Answer 300

Power analysis

Answer 301

Object code

Answer 302

Type safe code

Answer 303

Obfuscated code

Answer 304

Source code

Answer 305

imperative syntax security

Answer 306

declarative syntax security

Answer 307

code signing

Answer 308

code obfuscation

Answer 309

Cryptographic agility

Answer 310

Parametric polymorphism

Answer 311

Declarative security

Answer 312

Imperative security

Answer 313

Error handling

Answer 314

Exception management

Answer 315

Locality of reference

Answer 316

are references to memory locations of destroyed objects.

Answer 317

is the non-functional code that that is left behind in the source.

Answer 318

is the payload code that the attacker uploads into memory to execute.

Answer 319

are references in memory locations that are used prior to being initialized.

Answer 320

Data Execution Prevention (DEP)

Answer 321

Executable Space Protection (ESP)

Answer 322

Address Space Layout Randomization (ASLR)

Answer 323

Safe Security Exception Handler (/SAFESEH)

Answer 324

object code

Answer 325

obfuscated code.

Answer 326

encrypted code.

Answer 327

hashed code.

Answer 328

Version control

Answer 329

Audit logging

Answer 330

Change control

Answer 331

runtime behavior of code can be analyzed.

Answer 332

business logic flaws are more easily detectable.

Answer 333

the analysis is performed in a production or production-like environment

Answer 334

errors and vulnerabilities can be detected earlier in the life cycle.

Answer 335

encryption of data when it is processed.

Answer 336

hashing of data when it is stored.

Answer 337

hiding of data within other media objects when it is transmitted.

Answer 338

masking of data when it is displayed.

Answer 339

Tokenization

Answer 340

Canonicalization

Answer 341

Sandboxing

Answer 342

Tokenization

Answer 343

Versioning

Answer 344

. Concurrency

Answer 345

redundancy.

Answer 346

recoverability.

Answer 347

resiliency.

Answer 348

reliability.

Answer 349

Prototyping

Answer 350

Least privilege

Answer 351

Separation of duties

Answer 352

Leveraging existing components

Answer 353

Psychological acceptability

Answer 354

Scalability

Answer 355

Integration

Answer 356

Integration

Answer 357

Regression

Answer 358

Regression

Answer 359

Integration

Answer 360

Simulation

Answer 361

Source code analyzers

Answer 362

Banner grabbing software

Answer 363

rules of engagement.

Answer 364

role based access control mechanisms

Answer 365

threat models.

Answer 366

Availability

Answer 367

Authentication.

Answer 368

Non-repudiation.

Answer 369

Authorization.

Answer 370

Injection flaws

Answer 371

Lack of reverse engineering protection.

Answer 372

Cross-Site Scripting.

Answer 373

Broken session management.

Answer 374

Defect identifier

Answer 375

Expected results

Answer 376

Tester name

Answer 377

Watermarking

Answer 378

truly random data without any consideration for the data structure.

Answer 379

variations of data structures that are known.

Answer 380

data that get interpreted as commands by a backend interpreter

Answer 381

scripts that are reflected and executed on the client browser.

Answer 382

Normal operational functionality is not restored automatically.

Answer 383

Access to all functionality is denied.

Answer 384

Confidentiality, integrity and availability are not adversely impacted.

Answer 385

End users are adequately trained and self help is made available for the end user to fix the error on their own.

Answer 386

Integration

Answer 387

Regression

Answer 388

the point at which the software will break.

Answer 389

if the software can restore itself to normal business operations.

Answer 390

the presence and effectiveness of risk mitigation controls.

Answer 391

how a blackhat would circumvent access control mechanisms.

Answer 392

redundancy.

Answer 393

recoverability.

Answer 394

resiliency.

Answer 395

reliability.

Answer 396

Integration

Answer 397

Regression

Answer 398

Penetration

Answer 399

Integration

Answer 400

Performance

Answer 401

Regression

Answer 402

measure the resiliency of the software by attempting to exploit weaknesses.

Answer 403

detect the presence of loopholes and weaknesses in the software.

Answer 404

detect the effectiveness of security controls that are implemented in the software.

Answer 405

measure the skills and technical know-how of the security tester.

Answer 406

Non-synthetic

Answer 407

Discontinuous

Answer 408

Subletting

Answer 409

Validation

Answer 410

Subsetting

Answer 411

Source code review

Answer 412

Threat modeling the software

Answer 413

Black box testing

Answer 414

Structural analysis

Answer 415

verify that installation guides and training manuals are provided.

Answer 416

assess the presence and effectiveness of protection mechanisms.

Answer 417

validate vendor’s software products.

Answer 418

assist the vendor in responding to the request for proposals.

Answer 419

verification

Answer 420

validation

Answer 421

authentication

Answer 422

authorization

Answer 423

Redundancy

Answer 424

Reliability

Answer 425

Resiliency

Answer 426

Recoverability

Answer 427

Operationally Critical Assets Threats and Vulnerability Evaluation® (OCTAVE)

Answer 428

Security Quality Requirements Engineering (SQUARE)

Answer 429

Common Criteria

Answer 430

Comprehensive, Lightweight Application Security Process (CLASP)

Answer 431

regression testing.

Answer 432

integration testing.

Answer 433

unit testing.

Answer 434

user acceptance testing.

Answer 435

hardening.

Answer 436

certification.

Answer 437

accreditation.

Answer 438

Avoid the risk by forcing the business to discontinue use of the software.

Answer 439

Accept the risk with a documented exception.

Answer 440

Transfer the risk by buying insurance.

Answer 441

Ignore the risk since it is legacy software

Answer 442

board members and executive management

Answer 443

business owner.

Answer 444

information technology (IT) management

Answer 445

security organization

Answer 446

inadequate integration testing

Answer 447

incompatible environment configurations.

Answer 448

incomplete threat modeling.

Answer 449

ignored code review

Answer 450

Quantitatively expressed

Answer 451

Objectively expressed

Answer 452

Contextually relevant

Answer 453

Collected manually

Answer 454

reversing.

Answer 455

obfuscation.

Answer 456

Threat modeling.

Answer 457

Code review.

Answer 458

Continuous monitoring.

Answer 459

Regression testing.

Answer 460

Preventive

Answer 461

Corrective

Answer 462

Compensating

Answer 463

Meet the intent and rigor of the original requirement.

Answer 464

Provide an increased level of defense than the original requirement

Answer 465

Be implemented as part of a defense in depth measure.

Answer 466

Must commensurate with additional risk imposed by not adhering to the requirement

Answer 467

Patch management

Answer 468

Release management

Answer 469

Problem management

Answer 470

Incident management

Answer 471

Distributed Denial of Service (DDoS)

Answer 472

Logic Bombs

Answer 473

DNS poisoning

Answer 474

Authentication.

Answer 475

Authorization.

Answer 476

Archiving.

Answer 477

notify management of the security breach.

Answer 478

research the validity of the alert or event further

Answer 479

inform potentially affected customers of a potential breach.

Answer 480

conduct an independent third party evaluation to investigate the reported breach.

Answer 481

Informing the developers that they could lose their jobs if their software is breached.

Answer 482

Informing management that the organizational software could be hacked.

Answer 483

Informing the project team about the recent breach of the competitor’s software.

Answer 484

Informing the development team that there should be no injection flaws in the payroll application.

Answer 485

Penetration testing

Answer 486

Threat modeling

Answer 487

Code review

Answer 488

correlation.

Answer 489

normalization.

Answer 490

collection.

Answer 491

visualization.

Answer 492

detection.

Answer 493

containment.

Answer 494

eradication

Answer 495

restoring service to the expectation of the business user

Answer 496

determining the alerts and events that need to be continuously monitored.

Answer 497

depicting incident information in easy to understand user friendly format.

Answer 498

identifying and eliminating the root cause of the problem

Answer 499

versioning.

Answer 500

hardening.

Answer 501

Threat modeling

Answer 502

Requirements analysis.

Answer 503

Network deployment.

Answer 504

Root cause analysis.

Answer 505

the proper functioning of new features

Answer 506

cryptographic agility

Answer 507

backward compatibility.

Answer 508

the enabling of previously disabled services

Answer 509

End-of-life.

Answer 510

Vulnerability management.

Answer 511

Data classification.

Answer 512

mitigation.

Answer 513

transference.

Answer 514

acceptance.

Answer 515

avoidance.

Answer 516

Dumpster divers

Answer 517

Social engineers

Answer 518

Script kiddies.

Answer 519

Production

Answer 520

at the end of development phase of the project

Answer 521

before and after the code is implemented.

Answer 522

before and after the software requirements are complete.

Answer 523

at the end of the deployment phase of the project.

Answer 524

periodically patching database servers

Answer 525

implementing source code version control.

Answer 526

logging all database access requests.

Answer 527

proper change control management.

Answer 528

Disaster Recovery Plan.

Answer 529

Project Management Plan.

Answer 530

Incident Response Plan.

Answer 531

Quality Assurance and Testing Plan.

Answer 532

cessation of development activities within a company

Answer 533

increase in the number of foreign trade agreements

Answer 534

incidences of malicious code and logic found in acquired software

Answer 535

decrease in the trust of consumers on software developed within a company.

Answer 536

Contracting

Answer 537

Development

Answer 538

Delivery (Handover

Answer 539

Authenticity

Answer 540

Conformance

Answer 541

Authorization

Answer 542

Trustworthiness

Answer 543

Counterfeit software

Answer 544

Insecure code transfer

Answer 545

Subornation

Answer 546

End-to-end encryption

Answer 547

Location agnostic protection

Answer 548

Locality of reference

Answer 549

Cryptographic agility

Answer 550

Foreign ownership and control or influence

Answer 551

Security track record

Answer 552

Security knowledge of the supplier’ s personnel

Answer 553

Compliance with security policies, regulatory and privacy requirements.

Answer 554

Key Performance Indicators (KPI)

Answer 555

Relative Attack Surface Quotient (RASQ)

Answer 556

Maximum Tolerable Downtime (MTD)

Answer 557

Requirements Traceability Matrix (RTM)

Answer 558

Software Configuration Management Plan

Answer 559

Minimum Security Baseline

Answer 560

Service Level Agreements

Answer 561

Assurance Plan

Answer 562

Contracts-based protection is mutual.

Answer 563

Disclaimer-based protection is mutual

Answer 564

Contracts-based protection is done by one-sided notification of terms

Answer 565

Disclaimer-based protection is legally binding.

Answer 566

Trademarks

Answer 567

Trade secret

Answer 568

Trade secrets

Answer 569

Trademarks

Answer 570

Copyrights

Answer 571

Non-Disclosure Agreements (NDA)

Answer 572

Service Level Agreements (SLA)

Answer 573

Trademarks

Answer 574

Ransomware

Answer 575

Denial of Service

Answer 576

Authentication bypass

Answer 577

Disclaimers

Answer 578

Validity periods

Answer 579

Encryption

Answer 580

Before delivery (handover)

Answer 581

Before code inspection.

Answer 582

After deployment.

Answer 583

Before retirement.

Answer 584

Only the original publisher of the source code can modify the code

Answer 585

Open source software is not supported and maintained by mature companies or communities.

Answer 586

The attacker can look into the source code to determine its exploitability.

Answer 587

Open source software can only be purchased using a piece-meal approach.

Answer 588

Threat modeling

Answer 589

Penetration testing

Answer 590

Code review

Answer 591

Logic Bombs

Answer 592

Logic Flaws

Answer 593

Trojan horses

Answer 594

Least privilege

Answer 595

Access Control

Answer 596

Open Design

Answer 597

disclosure

Answer 598

denial of service

Answer 599

Source code scanners

Answer 600

Binary code scanners

Answer 601

Byte code scanners

Answer 602

Compliance validators

Answer 603

Code review

Answer 604

Code signing

Answer 605

Encryption

Answer 606

Code scanning

Answer 607

Chain of custody

Answer 608

Separation of privileges

Answer 609

System logs

Answer 610

Application data

Answer 611

Transference

Answer 612

Mitigation

Answer 613

Acceptance

Answer 614

Integration

Answer 615

Regression

Answer 616

Runtime integrity assurance

Answer 617

Termination Access Control

Answer 618

Custom Code Extension Checks

	Creado por Thomas Kreuser hace alrededor de 7 años

Siguiente

Secure Software Development Final

Descripción

Resumen del Recurso

Pregunta 1

Pregunta 2

Pregunta 3

Pregunta 4

Pregunta 5

Pregunta 6

Pregunta 7

Pregunta 8

Pregunta 9

Pregunta 10

Pregunta 11

Pregunta 12

Pregunta 13

Pregunta 14

Pregunta 15

Pregunta 16

Pregunta 17

Pregunta 18

Pregunta 19

Pregunta 20

Pregunta 21

Pregunta 22

Pregunta 23

Pregunta 24

Pregunta 25

Pregunta 26

Pregunta 27

Pregunta 28

Pregunta 29

Pregunta 30

Pregunta 31

Pregunta 32

Pregunta 33

Pregunta 34

Pregunta 35

Pregunta 36

Pregunta 37

Pregunta 38

Pregunta 39

Pregunta 40

Pregunta 41

Pregunta 42

Pregunta 43

Pregunta 44

Pregunta 45

Pregunta 46

Pregunta 47

Pregunta 48

Pregunta 49

Pregunta 50

Pregunta 51

Pregunta 52

Pregunta 53

Pregunta 54

Pregunta 55

Pregunta 56

Pregunta 57

Pregunta 58

Pregunta 59

Pregunta 60

Pregunta 61

Pregunta 62

Pregunta 63

Pregunta 64

Pregunta 65

Pregunta 66

Pregunta 67

Pregunta 68

Pregunta 69

Pregunta 70

Pregunta 71

Pregunta 72

Pregunta 73

Pregunta 74

Pregunta 75

Pregunta 76