100% satisfaction guarantee Immediately available after payment Both online and in PDF No strings attached
logo-home
WGU MASTER'S COURSE C706 - SECURE SOFTWARE DESIGN EXAM LATEST 2024 $17.99   Add to cart

Exam (elaborations)

WGU MASTER'S COURSE C706 - SECURE SOFTWARE DESIGN EXAM LATEST 2024

 0 view  0 purchase
  • Course
  • Institution
  • Book

WGU MASTER'S COURSE C706 - SECURE SOFTWARE DESIGN EXAM LATEST 2024

Preview 2 out of 13  pages

  • September 24, 2024
  • 13
  • 2024/2025
  • Exam (elaborations)
  • Questions & answers
avatar-seller
WGU MASTER'S COURSE C706 - SECURE SOFTWARE
DESIGN EXAM LATEST 2024 ACTUAL EXAM 400
QUESTIONS AND CORRECT DETAILED ANSWERS WITH
RATIONALES (VERIFIED ANSWERS) |ALREADY GRADED
A+

SDL - ANSWER: Security Development Lifecycle

SDLC - ANSWER: Software Development Life Cycle

Software Security - ANSWER: Building security into the software through a SDL in an
SDLC

Application Security - ANSWER: Protecting the software and the systems on which it
runs after release

the C.I.A model - ANSWER: The core elements of security

PITAC - ANSWER: President's Information Technology Advisory Committee

Quality and Security - ANSWER: In terms of coding defects, the product not only has
to work right, it also has to be secure

Trustworthy Computing(TwC) - ANSWER: The team which formed the concept that
let to Microsoft Security Development Lifecycle

Static Analysis Tools - ANSWER: Tools that look for a fixed pattern or rules in the
code in a manner similar to virus checking programs

Authorization - ANSWER: Ensures that the user has the appropriate role and privilege

Authentication - ANSWER: Ensures that the user is who he or she claims to be and
that data come from the appropriate place

Threat Modeling - ANSWER: To understand the potential security threats to the
system, determine risk, and establish appropriate mitigations. Applies principles such
as least privilege and defense-in-depth; requires human expertise and not tools to
accomplish

Attack Surface - ANSWER: The entry points and exit points of an application that may
be accessible to an attacker

Agile Method - ANSWER: A time-boxed iterative approach that facilitates a rapid and
flexible response to change, which in turn encourages evolutionary development and

, delivery while promoting adaptive planning, development, teamwork, collaboration,
and process adaptability throughout the lifecycle of the project

Bugtraq IDs - ANSWER: Identifiers for a commercially operated vulnerability that are
used in security advisories and alerts, as well as for discussions on the mailing list

Building Security in Maturity Model (BSIMM) - ANSWER: A study of real-world
software security initiatives organized so that you can determine where you stand
with your software security initiatives and how to evolve efforts over time

Common Vulnerability Scoring System (CVSS) - ANSWER: Provides an open
framework for communicating the characteristics and impacts of IT vulnerabilities

CWE - ANSWER: Common Weakness Enumeration

DAST - ANSWER: Dynamic Application Security Testing

Dynamic program analysis - ANSWER: The analysis of computer software that is
performed by executing programs on a real or virtual processor in real time

GRC - ANSWER: Governance, Risk and Compliance

ISMS - ANSWER: Information Security Management System

ISO/IEC - ANSWER: International Organization for Standardization(ISO) /
International Electrotechnical
Commission(IEC).

ISO/IEC 27001 - ANSWER: A standard that specifies a management system intended
to bring information security under formal management control

ISO/IEC 27034 - ANSWER: A standard that provides guidance to help organizations
embed security within their processes that help secure applications running in the
environment

ISO/IEC 27034-1:2011 - ANSWER: A standard for application security which offers a
concise, internationally recognized way to get transparency into vendor/supplier's
software security management process

Iterative Waterfall Development Model - ANSWER: An approach that carries less risk
than traditional approaches but is more risky and less efficient and the overall
project is divided into various phases, each executed using the traditional method

Lean - ANSWER: Focuses on features rather than groups of features, you select, plan,
develop, test, and deploy one feature before you select, plan, develop, test, and
deploy the next feature

The benefits of buying summaries with Stuvia:

Guaranteed quality through customer reviews

Guaranteed quality through customer reviews

Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.

Quick and easy check-out

Quick and easy check-out

You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.

Focus on what matters

Focus on what matters

Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!

Frequently asked questions

What do I get when I buy this document?

You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.

Satisfaction guarantee: how does it work?

Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.

Who am I buying these notes from?

Stuvia is a marketplace, so you are not buying this document from us, but from seller tutorsection1. Stuvia facilitates payment to the seller.

Will I be stuck with a subscription?

No, you only buy these notes for $17.99. You're not tied to anything after your purchase.

Can Stuvia be trusted?

4.6 stars on Google & Trustpilot (+1000 reviews)

81113 documents were sold in the last 30 days

Founded in 2010, the go-to place to buy study notes for 14 years now

Start selling
$17.99
  • (0)
  Add to cart