WGU C706 Pre- Assessment (New 2023/ 2024 Update) Secure Software Design| Questions and Verified Answers| 100% Correct| Graded A

WGU C706 Pre- Assessment (New 2023/ 2024 Update) Secure Software Design| Questions and Verified Answers| 100% Correct| Graded A QUESTION What is the third step for constructing a threat model for identifying a spoofing threat? -Decompose threats -Identify threats -Identify vulnerabilities -Survey the application Answer: Decompose threats QUESTION What is a step for constructing a threat model for a project when using practical risk analysis? -Align your business goals -Apply engineering methods -Estimate probability of project time. -Make a list of what you are trying to protect Answer: Make a list of what you are trying to protect QUESTION Which cyber threats are typically surgical by nature, have highly specific targeting, and are technologically sophisticated? -Tactical attacks -Criminal attacks -Strategic attacks -User-specific attacks Answer: Tactical attacks QUESTION Which type of cyberattacks are often intended to elevate awareness of a topic? -Sociopolitical attacks -User-specific attacks -Tactical attacks -Cyberwarfare Answer: Sociopolitical attacks QUESTION What type of attack locks a user's desktop and then requires a payment to unlock it? -Phishing -Keylogger -Ransomware -Denial-of-service Answer: -Ransomware QUESTION What is a countermeasure against various forms of XML and XML path injection attacks? -XML name wrapping -XML unicode encoding -XML attribute escaping -XML distinguished name escaping Answer: XML attribute escaping QUESTION Which countermeasure is used to mitigate SQL injection attacks? -SQL Firewall -Projected bijection -Query parameterization -Progressive ColdFusion Answer: Query parameterization QUESTION What is an appropriate countermeasure to an escalation of privilege attack? -Enforcing strong password policies -Using standard encryption algorithms and correct key sizes -Enabling the auditing and logging of all administration activities -Restricting access to specific operations through role-based access controls Answer: Restricting access to specific operations through role-based access controls QUESTION Which configuration management security countermeasure implements least privilege access control? -Avoiding clear text format for credentials and sensitive data -Using AES 256 encryption for communications of a