(WGU C706) Secure Software Design Practice
Questions With Correct Solutions
A software firm is planning to develop a web-based project with a team of up
to eight people.
What is a relevant software methodology to apply where others' roles may be
filled by the same people, including a project manager and business expert?
A. Crystal orange web
B. Waterfall
C. Crystal orange
D. Crystal Clear
E. Scrum Accurate Answer:- E. Scrum
Which system development methodology provides a resource to entry-level
developers with limited exposure?
A. joint application development
B. agile model
C. waterfall model
D. extreme programming Accurate Answer:- C. waterfall model
A company is developing a web application for employees. The web
application must meet the following requirements:
• Employees must be able to use the web application to track shipments.
• The web application must be able to store personal information and
shipment details.
• Although the web application will be accessible outside of the company's
intranet, employees' information must be secure.
Which process should be used to make certain that the web application meets
these requirements?
A. redundancy in the data
B. SDLC agile model
C. SDLC waterfall model
, D. software assurance Accurate Answer:- D. software assurance
A development team has chosen the waterfall methodology as an SDLC
approach. This methodology was chosen because of the limited experience of
the team, but waterfall has several security considerations.
Match each phase of the waterfall methodology to its appropriate security
concern.
Requirements analysis
Design
Construction/implementation
Testing
Installation
Operation Accurate Answer:- Requirements analysis - Define security
features
Design - Misuse cases/vulnerability mapping
Construction/implementation - Secure coding practices
Testing - Penetration assessment
Installation - Final security review
Operation - Periodic security review and updates
Which core element of cybersecurity is implemented through the following
secure software design features?
Off-site backup
Public key
Hash
Message digest Accurate Answer:- Off-site backup = Availability
Public key = Confidentiality
Hash = Integrity
Message digest = Integrity
Which core element of cybersecurity is implemented through the following
secure software design features?
Cryptography =
Non-repudiation =
Redundancy =
Questions With Correct Solutions
A software firm is planning to develop a web-based project with a team of up
to eight people.
What is a relevant software methodology to apply where others' roles may be
filled by the same people, including a project manager and business expert?
A. Crystal orange web
B. Waterfall
C. Crystal orange
D. Crystal Clear
E. Scrum Accurate Answer:- E. Scrum
Which system development methodology provides a resource to entry-level
developers with limited exposure?
A. joint application development
B. agile model
C. waterfall model
D. extreme programming Accurate Answer:- C. waterfall model
A company is developing a web application for employees. The web
application must meet the following requirements:
• Employees must be able to use the web application to track shipments.
• The web application must be able to store personal information and
shipment details.
• Although the web application will be accessible outside of the company's
intranet, employees' information must be secure.
Which process should be used to make certain that the web application meets
these requirements?
A. redundancy in the data
B. SDLC agile model
C. SDLC waterfall model
, D. software assurance Accurate Answer:- D. software assurance
A development team has chosen the waterfall methodology as an SDLC
approach. This methodology was chosen because of the limited experience of
the team, but waterfall has several security considerations.
Match each phase of the waterfall methodology to its appropriate security
concern.
Requirements analysis
Design
Construction/implementation
Testing
Installation
Operation Accurate Answer:- Requirements analysis - Define security
features
Design - Misuse cases/vulnerability mapping
Construction/implementation - Secure coding practices
Testing - Penetration assessment
Installation - Final security review
Operation - Periodic security review and updates
Which core element of cybersecurity is implemented through the following
secure software design features?
Off-site backup
Public key
Hash
Message digest Accurate Answer:- Off-site backup = Availability
Public key = Confidentiality
Hash = Integrity
Message digest = Integrity
Which core element of cybersecurity is implemented through the following
secure software design features?
Cryptography =
Non-repudiation =
Redundancy =
