Exam (elaborations)

C706 - Secure Software Design questions with answers

Rating

Sold

Pages

Grade

A+

Uploaded on

22-10-2025

Written in

2025/2026

C706 - Secure Software Design questions with answers

Institution

Course

Whoops! We can’t load your doc right now. Try again or contact support.

Report Copyright Violation

Written for

Institution: Western Governors University
Course: C706

All documents for this subject (7)

Document information

Uploaded on: October 22, 2025
Number of pages: 18
Written in: 2025/2026
Type: Exam (elaborations)
Contains: Questions & answers

Subjects

c706 secure software design questions with answe

Content preview

C706 - Secure Software Design questions
|\ |\ |\ |\ |\ |\

with answers |\

What is Extreme Programming (XP) method of the Agile SDLC
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\

Model? - CORRECT ANSWERS ✔✔Small teams working in the
|\ |\ |\ |\ |\ |\ |\ |\ |\

same room to encourage communication, only required
|\ |\ |\ |\ |\ |\ |\

documentation created. |\

What is Crystal Clear for? - CORRECT ANSWERS ✔✔For noncritical
|\ |\ |\ |\ |\ |\ |\ |\ |\

projects using discretionary money, requiring up to six or eight
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\

people. One team same room. Max release 2 months.
|\ |\ |\ |\ |\ |\ |\ |\

What is Crystal Orange for? - CORRECT ANSWERS ✔✔Adequate
|\ |\ |\ |\ |\ |\ |\ |\ |\

for critical, but not life-critical, projects requiring up to 40 people.
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\

Different teams. From 2 to 4 months, two user viewings per
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\

release.

How does a SQL Injection attack work? - CORRECT ANSWERS
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\

✔✔takes advantage of a vulnerability that appears when a web
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\

application fails to properly filter or validate data a user enters
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\

on a web page to order a product or communicate with a
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\

company. An attacker can send a malformed SQL query to the
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\

underlying database to break into it, plant malicious code or
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\

access other systems. |\ |\

Agility & Discipline of XP Method? - CORRECT ANSWERS
|\ |\ |\ |\ |\ |\ |\ |\ |\

✔✔Agility - High, Discipline required - High |\ |\ |\ |\ |\ |\

,Agility & Discipline of Crystal Clear Method? - CORRECT
|\ |\ |\ |\ |\ |\ |\ |\ |\

ANSWERS ✔✔Agility - High, Discipline required - Low
|\ |\ |\ |\ |\ |\ |\

Agility & Discipline of Crystal Orange Method? - CORRECT
|\ |\ |\ |\ |\ |\ |\ |\ |\

ANSWERS ✔✔Agility - Medium, Discipline required - Medium
|\ |\ |\ |\ |\ |\ |\

Agility & Discipline of Scrum Method? - CORRECT ANSWERS
|\ |\ |\ |\ |\ |\ |\ |\ |\

✔✔Agility - High, Discipline required - High
|\ |\ |\ |\ |\ |\

Agility & Discipline of RUP Method? - CORRECT ANSWERS
|\ |\ |\ |\ |\ |\ |\ |\ |\

✔✔Agility - Low to Medium, Discipline required - High
|\ |\ |\ |\ |\ |\ |\ |\

What are four Scrum events? - CORRECT ANSWERS ✔✔1. Sprint
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\

planning meeting. |\

2. Daily Scrum
|\ |\

3. Sprint review
|\ |\

4. Sprint retrospective
|\ |\

What are the four Scrum artifacts? - CORRECT ANSWERS ✔✔1.
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\

Product backlog |\

2. Sprint backlog
|\ |\

3. Increment
|\

4. Burndown chart
|\ |\

What are the three Scrum roles? - CORRECT ANSWERS ✔✔1.
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\

Product owner - represents customer
|\ |\ |\ |\

, 2. Development team
|\ |\

3. Scrum master - Coaches team, not project manager
|\ |\ |\ |\ |\ |\ |\ |\

What are the three pillar concepts of Scrum? - CORRECT
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\

ANSWERS ✔✔1. Transparency - product visible |\ |\ |\ |\ |\

2. Inspection - of artifact or progress
|\ |\ |\ |\ |\ |\

3. Adaptation - Make corrections when required
|\ |\ |\ |\ |\ |\

What security practitioner role handles deployment? - CORRECT
|\ |\ |\ |\ |\ |\ |\ |\

ANSWERS ✔✔Release Manager |\ |\

What security practitioner role handles design? - CORRECT
|\ |\ |\ |\ |\ |\ |\ |\

ANSWERS ✔✔Architect |\

What security practitioner role handles coding? - CORRECT
|\ |\ |\ |\ |\ |\ |\ |\

ANSWERS ✔✔Developer |\

What security practitioner role handles requirements gathering? -
|\ |\ |\ |\ |\ |\ |\

CORRECT ANSWERS ✔✔Business Analyst/Project Manager
|\ |\ |\ |\ |\

This team is familiar with company infrastructure and software
|\ |\ |\ |\ |\ |\ |\ |\ |\

languages and tries to kill system as developers build it. -
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\

CORRECT ANSWERS ✔✔Red Team |\ |\ |\

This is a method of program debugging by examining the code
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\

but not executing the program. Also called code review. -
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\

CORRECT ANSWERS ✔✔Static analysis |\ |\ |\

$20.99

Get access to the full document:

100% satisfaction guarantee

Immediately available after payment

Both online and in PDF

No strings attached

Get to know the seller

EXAMSTUDYPLUG

4.5

(230)

Get to know the seller

EXAMSTUDYPLUG Stanford University

View profile

Sold

308

Member since

3 year

Number of followers

107

Documents

18416

Last sold

4 days ago

GRADE BUDDY

Welcome to My Page! Are you looking for high-quality study resources to ace your exams or better understand your coursework? You've come to the right place! I'm passionate about sharing my knowledge and helping students succeed academically. Here, you'll find a wide range of well-organized notes, study guides, and helpful materials across various subjects, including Maths ,nursig, Biology, History, etc.. Each resource is carefully crafted with detailed explanations, clear examples, and relevant key points to help simplify complex concepts. Whether you're preparing for a test, reviewing lectures, or need extra support, my resources are designed to make your learning experience smoother and more effective. Let me be a part of your academic journey, and feel free to reach out if you have any questions or need personalized assistance!

Why students choose Stuvia

Created by fellow students, verified by reviews

Quality you can trust: written by students who passed their tests and reviewed by others who've used these notes.

Didn't get what you expected? Choose another document

No worries! You can instantly pick a different document that better fits what you're looking for.

Pay as you like, start learning right away

No subscription, no commitments. Pay the way you're used to via credit card and download your PDF document instantly.

“Bought, downloaded, and aced it. It really can be that simple.”

Alisha Student

Frequently asked questions

What do I get when I buy this document?

You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.

Satisfaction guarantee: how does it work?

Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.

Who am I buying these notes from?

Stuvia is a marketplace, so you are not buying this document from us, but from seller EXAMSTUDYPLUG. Stuvia facilitates payment to the seller.

Will I be stuck with a subscription?

No, you only buy these notes for $20.99. You're not tied to anything after your purchase.

Can Stuvia be trusted?

4.6 stars on Google & Trustpilot (+1000 reviews) 50709 documents were sold in the last 30 days Founded in 2010, the go-to place to buy study notes for 16 years now

C706 - Secure Software Design questions with answers

Written for

Document information

Subjects

Content preview

Get to know the seller

Recently viewed by you

Why students choose Stuvia

Created by fellow students, verified by reviews

Didn't get what you expected? Choose another document

Pay as you like, start learning right away

Frequently asked questions

What do I get when I buy this document?

Satisfaction guarantee: how does it work?

Who am I buying these notes from?

Will I be stuck with a subscription?

Can Stuvia be trusted?