WGU D487: Secure Software Design Practice Questions with Approved Answers | Latest 2024/2025

The software security team is currently working to identify approaches for input validation, authentication, authorization, and configuration management of a new software product so they can deliver a security profile. Which threat modeling step is being described?
-Rating threats
-Identifying and documenting threats
-analyzing the target
-drawing data flow diagram
Answer: analyzing the target

The organization's testing team has created a catalog of test cases using the source code and design documentation of the new product. Each test case will be executed for each user role in the new product. Which type of security testing technique is being performed?
-gray-box
-black-box
-white-box
-red-box
Answer: white-box

What is the study of real-world software security initiatives organized so companies can measure their initiatives and understand how to evolve them over time?
-Building Security in Maturity Model (BSIMM)
-Security features and design
-OWASP Software Assurance Maturity Model (SAMM)
-ISO 27001
Answer: Building Security in Maturity Model (BSIMM)

What is the analysis of computer software that is performed without executing programs?
-static analysis
-fuzzing
-dynamic analysis
-OWASP ZAP
Answer: static analysis

What ISO standard is the benchmark for information security today?
-ISO 27001
-ISO 7799
-ISO 27034
-ISO 8601
Answer: ISO 27001

What is the analysis of computer software that is performed by executing programs on a real or virtual processor in real time?
-dynamic analysis
-static analysis
-fuzzing
-security testing
Answer: dynamic analysis

Which person is responsible for designing, planning, and implementing secure coding practices and security testing methodologies?
-software security architect
-product security developer
-software security champion
-software tester
Answer: software security architect

What is a list of information security vulnerabilities that aims to provide names for publicly known problems?
-common computer vulnerabilities and exposures (CVE)
-SANS Institute top cyber security risks
-bugtraq
-Carnegie Mellon computer emergency readiness team (CERT)
Answer: common computer vulnerabilities and exposures (CVE)

Which secure coding best practice uses well-tested, publicly available algorithms to hide product data from unauthorized access?
-access control
-authentication and password management
-cryptographic practices
-data protection
Answer: cryptographic practices

Which secure coding best practice ensures servers, frameworks, and system components are all running the latest approved versions?
-file management
-input validation
-database security