WGU MASTER'S COURSE C706 - SECURE
SOFTWARE DESIGN EXAM LATEST 2024 WITH
UPDATED QUESTIONS AND DETAILED CORRECT
ANSWERS WITH RATIONALES
(ALREADY GRADED A+)
Which role requires the technical capability to be trained as a software
security architect who then assists the centralized software security group
with architecture security analysis and threat modeling?
-Software champion
-Software evangelist
-Junior software developer
-Senior software programmer - ANSWER-Software champion
An application development team is designing and building an application
that interfaces with a back-end database.
Which activity should be included when constructing a threat model for the
application?
-Designate one or more primary keys for each database table in the
database
-Decompose the application to understand how it interacts with external
entities
-Review the relationships among the attributes to be included in the
database tables
-Create a set of performance metrics to assess the functionality of the
developed application - ANSWER-Decompose the application to understand
how it interacts with external entities
What is the third step for constructing a threat model for identifying a
spoofing threat?
-Decompose threats
-Identify threats
-Identify vulnerabilities
-Survey the application - ANSWER-Decompose threats
Which security concept refers to the quality of information that could cause
harm or damage if disclosed?
-Isolation
-Discretion
-Seclusion
-Sensitivity - ANSWER-Sensitivity
Which technology would be an example of an injection flaw, according to the
OWASP Top 10?
-SQL
-API
-XML
-XSS - ANSWER
A company is creating a new software to track customer balance and wants
to design a secure application.
Which best practice should be applied?
-Create multiple layers of protection so that a subsequent layer provides
protection if a layer is breached
-Ensure there is physical acceptability to ensure software is intuitive for the
users to do their jobs
-Allow mediation bypass or suspension for software testing and emergency
planning
-Develop a secure authentication method that has a closed design -
ANSWER-Create multiple layers of protection so that a subsequent layer
provides protection if a layer is breached
A company is developing a secure software that has to be evaluated and
tested by a large number of experts.
Which security principle should be applied?
-Fail safe
-Open design
-Defense in depth
-Complete mediation - ANSWER-Open design
Which type of TCP scanning indicates that a system is moving to the second
phase in a three-way TCP handshake?
-TCP SYN scanning
-TCP ACK scanning
-TCP XMAS scanning
-TCP Connect scanning - ANSWER-TCP SYN scanning
Which evaluation technique provides invalid, unexpected, or random data to