Objective Assessment | Actual Questions and Answers, Latest Updated (Graded A+)
D385 - Software Security and Testing
- strong collision resistance (collision resistance)
Padding schemes
Cryptographic Hash functions
Penetration Testing
CSP (Content-Security-Policy) 2
2 of 108
Definition
A phase of software testing where end users or clients test the
software to ensure it meets their requirements and is ready for
production use. It validates that the software aligns with user
expectations.
Black-box (because it focuses on whether the software meets user
requirements without diving into internal code).
Frequency: alpha, beta, done by end users, subject matter expert
Disadvantages: end users may be untrained, lack of focus, bias
User Acceptance Testing (UAT)
Quality Assurance (qa) evaluation
Fuzz Testing (Fuzzy Testing)
System Integration Testing (sit)
3 of 108
Definition
sometimes referred to as access control
Accounting
Encoding
Authorization
Integrity
4 of 108
Term
What is the most efficient solution to the key-distribution problem?
DH key exchange method
This approach doesn't actually distribute a key from one party to another; the
key is independently created in tandem by both parties.
Public key encryption
RSA
5 of 108
Definition
Remote code-execution attacks are brutal. Never combine
cookie-based sessions with PickleSerializer; the risk is too
great. This combination is unpopular for good reasons - it
can be severely exploited by an attacker if they have
access to the SECRET_KEY setting.