WGU C706 Secure Software Design Exam (Latest 2023/ 2024 Update) | Questions and Verified Answers| 100% Correct| Grade A

WGU C706 Secure Software Design Exam (Latest 2023/ 2024 Update) | Questions and Verified Answers| 100% Correct| Grade A Q: A hacker has used a design flaw in an application to obtain unauthorized access to the application. Which type of attack has occurred? A buffer overflow B backdoor C escalation of privileges D maintenance hook Answer: C Q: During the recent development of a new application, the customer requested a change. You must implement this change according to the change control process. What is the first step you should implement? A Analyze the change request. B Submit the change results to the management. C Acquire management approval. D Record the change request. Answer: A Q: Which interface language is an application programming interface (API) that can be configured to allow any application to query databases? A JDBC B XML C OLE DB D ODBC Answer: D Q: Which type of channel is used when one process writes data to a hard drive and another process reads it? A covert storage channel B overt storage channel C overt timing channel D covert timing channel Answer: A Q: Which type of malicious attack uses Visual Basic scripting? A dumpster diving attack B denial of service attack C Trojan horse attack D social engineering attack Answer: C Q: All of the following are countermeasures for session management attacks, EXCEPT: A Implement pre- and post-validation controls. B Encrypt cookies that include information about the state of the connection. C Implement time stamps or time-based validation. D Implement randomized session IDs. Answer: A Q: Which tool assists in application development design layout as a part of application development life cycle? A Aggregation B Delphi C Spiral D CASE Answer: D Q: What is a characteristic of maintaining logs in a system? A Logging provides access control by authenticating user credentials. B Logging helps an administrator to detect security breaches and vulnerable points in a network. C Logging provides audit trails but enhances security violations. D Logging prevents security violations but only deals with passive monitoring. Answer: B Q: Your company has purchased an expert system that uses if-then-else reasoning to obtain more data than is currently available. Which expert system processing technique is being implemented? A forward-chaining technique B backward-chaining technique C waterfall model D spiral model Answer: A Q: Which type of malicious code is hidden inside an otherwise benign program when the program is written? A worm B logic bomb C Trojan horse D virus Answer: C Q: Which statement is true of a software development life cycle? A Parallel testing verifies whether more than one system is available for redundancy. B A software programmer should be the only person to develop the software, test it, and submit it to production C Unit testing should be performed by the developer and the quality assurance team. D Workload testing should be performed while designing the functional requirements. Answer: C Q: Your organization has several diskless computer kiosks that boot via optical media located in the office lobby. Recently, users reported that the diskless computers have been infected with a virus. What should you do to ensure the virus is removed? A Launch an anti-virus program on the diskless computers via a USB flash drive. B Remotely launch an anti-virus program on the diskless computers. C Reboot the server to which the diskless computers connect. D Reboot the diskless computers. Answer: D