VERSIONS (VERSION A AND B) COMPLETE ACCURATE EXAM
QUESTIONS WITH DETAILED VERIFIED ANSWERS (100%
CORRECT ANSWERS) /ALREADY GRADED A+
1. In the context of the STRIDE model, which threat is primarily associated with an attacker
pretending to be a legitimate user or system?
A) Spoofing
B) Tampering
C) Repudiation
D) Information Disclosure
Answer: A) Spoofing
Spoofing involves illegally accessing and using another user's or system's credentials, such as by
using a stolen username and password, IP spoofing, or forging an email address.
2. A development team is designing an authentication module. What is the MOST secure design
principle to follow for storing user passwords?
A) Encrypt passwords using a symmetric algorithm.
B) Hash passwords using a strong, salted cryptographic hash function.
C) Store passwords in a plain text file with strict file permissions.
D) Use a reversible encoding scheme like Base64.
Answer: B) Hash passwords using a strong, salted cryptographic hash function.
Hashing is a one-way function, making it computationally infeasible to recover the original
password. Salting (adding a random value to each password before hashing) protects against
precomputed rainbow table attacks. Encryption and encoding are reversible, which is a critical
vulnerability for password storage.
3. During a threat modeling session, the team identifies a scenario where a user could dispute
having performed a financial transaction. Which STRIDE category does this fall under?
A) Spoofing
B) Tampering
C) Repudiation
D) Elevation of Privilege
Answer: C) Repudiation
Repudiation threats occur when a user can deny performing an action, and the system lacks
sufficient evidence to prove otherwise. This is mitigated by controls like secure audit logs and
digital signatures.
4. Which security control is the MOST effective defense against Cross-Site Scripting (XSS)
attacks?
A) Using a Web Application Firewall (WAF)
B) Implementing output encoding based on the context (HTML, CSS, JavaScript)
C) Performing input validation on the client side
D) Using the HttpOnly flag on cookies
Answer: B) Implementing output encoding based on the context (HTML, CSS, JavaScript)
While other controls like WAFs and input validation are important, output encoding ensures that
any user-supplied data is treated as data, not executable code, when it is rendered in the browser.
This is the most direct and reliable way to neutralize XSS payloads.
5. The principle of Defense in Depth dictates that:
A) A single, strong security control is sufficient.
B) Security should be implemented only at the network perimeter.
C) Multiple, layered security controls should be used to protect assets.
D) All users should be treated as potential threats.
Answer: C) Multiple, layered security controls should be used to protect assets.
Defense in Depth (or layered security) ensures that if one security control fails, others are in
place to prevent a breach. This approach protects against a wider range of attacks and provides
redundancy.
6. What is the primary purpose of a Non-Functional Requirement (NFR) related to security?
A) To describe the specific features and functions of the system.
B) To specify the system's quality attributes, such as auditability and confidentiality.
C) To list all the user interfaces for the application.
D) To define the project's budget and timeline.
Answer: B) To specify the system's quality attributes, such as auditability and confidentiality.
Security NFRs define how well the system performs its functions in terms of security, such as
"all authentication events shall be logged." They specify quality attributes rather than specific
behaviors.
7. Which of the following is a key characteristic of a Security Architecture Pattern?
A) It is a specific vendor's product for implementing firewalls.
B) It provides a reusable, best-practice solution to a common security design problem.
C) It details the exact programming language to be used for development.
D) It is only applicable to monolithic architectures.
Answer: B) It provides a reusable, best-practice solution to a common security design problem.
Security architecture patterns, like the "Gatekeeper" or "Reference Monitor" patterns, offer
proven, template-like solutions for addressing recurring security challenges in system design.
8. In a microservices architecture, the "Service Mesh" pattern enhances security by:
A) Consolidating all business logic into a single service.
B) Handling service-to-service communication, security, and monitoring at the infrastructure
layer.
C) Requiring each service to implement its own authentication logic.
D) Eliminating the need for an API Gateway.
Answer: B) Handling service-to-service communication, security, and monitoring at the
infrastructure layer.
A service mesh (e.g., Istio, Linkerd) provides a dedicated infrastructure layer for managing
service communication. It can transparently handle security concerns like mutual TLS (mTLS)
for encryption and authentication, policy enforcement, and observability, offloading this
complexity from the application code.
9. A security requirement states: "The system must prevent automated credential stuffing
attacks." What is the BEST technical control to implement this?
A) Enforcing a minimum password length of 12 characters.
B) Implementing multi-factor authentication (MFA).
C) Using CAPTCHA challenges after repeated failed login attempts.
D) Hashing passwords with a strong algorithm.
Answer: C) Using CAPTCHA challenges after repeated failed login attempts.
Credential stuffing relies on automation to try vast numbers of username/password pairs.
CAPTCHA is specifically designed to distinguish between human users and bots, effectively
blocking automated scripts. While MFA is a stronger overall control for account security,
CAPTCHA is a more direct defense against the automation aspect of credential stuffing.
10. What is the main goal of the "Economy of Mechanism" design principle?
A) To ensure security mechanisms are as simple and small as possible.
B) To make the system as cheap as possible to develop.
C) To use the fewest number of servers to save costs.
D) To ensure the system uses economic principles for access control.
Answer: A) To ensure security mechanisms are as simple and small as possible.
Complex security designs are more prone to errors and harder to verify, test, and maintain.
Simpler mechanisms are less likely to contain hidden flaws and are easier to trust.
11. When using the DREAD model for risk assessment, which component evaluates the number
of users that would be affected if an exploit were successful?
A) Damage Potential
B) Reproducibility