WGU C706 – Secure Software Design Master’s
Course | 2025 New & Updated Exam Questions
with, Exams of Nursing
Which type of malicious attack uses Visual Basic scripting?
A dumpster diving attack
B denial of service attack
C Trojan horse attack
D social engineering attack C
All of the following are countermeasures for session management attacks, EXCEPT:
A Implement pre- and post-validation controls.
B Encrypt cookies that include information about the state of the connection.
C Implement time stamps or time-based validation.
D Implement randomized session IDs. A
Which tool assists in application development design layout as a part of application
development life cycle?
A Aggregation
B Delphi
C Spiral
D CASE D
What is a characteristic of maintaining logs in a system?
A Logging provides access control by authenticating user credentials.
1|Page
,B Logging helps an administrator to detect security breaches and vulnerable points in a
network.
C Logging provides audit trails but enhances security violations.
D Logging prevents security violations but only deals with passive monitoring. B
Your company has purchased an expert system that uses if-then-else reasoning to obtain more
data than is currently available.
Which expert system processing technique is being implemented?
A forward-chaining technique
B backward-chaining technique
C waterfall model
D spiral model A
Which type of malicious code is hidden inside an otherwise benign program when the program
is written?
A worm
B logic bomb
C Trojan horse
D virus C
Which statement is true of a software development life cycle?
A Parallel testing verifies whether more than one system is available for redundancy.
B A software programmer should be the only person to develop the software, test it, and submit
it to production
C Unit testing should be performed by the developer and the quality assurance team.
D Workload testing should be performed while designing the functional requirements. C
2|Page
,Your organization has several diskless computer kiosks that boot via optical media located in the
office lobby. Recently, users reported that the diskless computers have been infected with a
virus.
What should you do to ensure the virus is removed?
A Launch an anti-virus program on the diskless computers via a USB flash drive.
B Remotely launch an anti-virus program on the diskless computers.
C Reboot the server to which the diskless computers connect.
D Reboot the diskless computers. D
Your company implements several databases. You are concerned with the security of the data in
the databases.
Which statement is correct for database security?
A Data control language (DCL) implements security through access control and granular
restrictions.
B Bind variables provide access control through implementing granular restrictions.
C Data manipulation language (DML) implements access control through authorization.
D Data identification language implements security on data components. A
Which statement is true of a salami attack?
A type of passive attack.
B social engineering technique.
C not an example of data diddling.
D involves stealing small amounts of money from multiple accounts. D
3|Page
, Your company decides that a new software product must be purchased to help the marketing
staff manage their marketing campaigns and the resources used.
During which phase of the software acquisition process do you document the software
requirements?
A Monitoring phase
B Maintaining phase
C Planning phase
D Contracting phase C
You have been tasked with the development of a new application for your organization. You are
engaged in the project initiation phase.
Which activity should you implement during this phase?
A certification and accreditation
B defining formal functional baseline
C functionality and performance tests
D identification of threats and vulnerabilities D
Which Web browser add-in uses Authenticode for security?
A Common Gateway Interface (CGI)
B ActiveX
C Cross-site scripting (XSS)
D Java B
Which statement correctly defines the multipart virus?
4|Page
Course | 2025 New & Updated Exam Questions
with, Exams of Nursing
Which type of malicious attack uses Visual Basic scripting?
A dumpster diving attack
B denial of service attack
C Trojan horse attack
D social engineering attack C
All of the following are countermeasures for session management attacks, EXCEPT:
A Implement pre- and post-validation controls.
B Encrypt cookies that include information about the state of the connection.
C Implement time stamps or time-based validation.
D Implement randomized session IDs. A
Which tool assists in application development design layout as a part of application
development life cycle?
A Aggregation
B Delphi
C Spiral
D CASE D
What is a characteristic of maintaining logs in a system?
A Logging provides access control by authenticating user credentials.
1|Page
,B Logging helps an administrator to detect security breaches and vulnerable points in a
network.
C Logging provides audit trails but enhances security violations.
D Logging prevents security violations but only deals with passive monitoring. B
Your company has purchased an expert system that uses if-then-else reasoning to obtain more
data than is currently available.
Which expert system processing technique is being implemented?
A forward-chaining technique
B backward-chaining technique
C waterfall model
D spiral model A
Which type of malicious code is hidden inside an otherwise benign program when the program
is written?
A worm
B logic bomb
C Trojan horse
D virus C
Which statement is true of a software development life cycle?
A Parallel testing verifies whether more than one system is available for redundancy.
B A software programmer should be the only person to develop the software, test it, and submit
it to production
C Unit testing should be performed by the developer and the quality assurance team.
D Workload testing should be performed while designing the functional requirements. C
2|Page
,Your organization has several diskless computer kiosks that boot via optical media located in the
office lobby. Recently, users reported that the diskless computers have been infected with a
virus.
What should you do to ensure the virus is removed?
A Launch an anti-virus program on the diskless computers via a USB flash drive.
B Remotely launch an anti-virus program on the diskless computers.
C Reboot the server to which the diskless computers connect.
D Reboot the diskless computers. D
Your company implements several databases. You are concerned with the security of the data in
the databases.
Which statement is correct for database security?
A Data control language (DCL) implements security through access control and granular
restrictions.
B Bind variables provide access control through implementing granular restrictions.
C Data manipulation language (DML) implements access control through authorization.
D Data identification language implements security on data components. A
Which statement is true of a salami attack?
A type of passive attack.
B social engineering technique.
C not an example of data diddling.
D involves stealing small amounts of money from multiple accounts. D
3|Page
, Your company decides that a new software product must be purchased to help the marketing
staff manage their marketing campaigns and the resources used.
During which phase of the software acquisition process do you document the software
requirements?
A Monitoring phase
B Maintaining phase
C Planning phase
D Contracting phase C
You have been tasked with the development of a new application for your organization. You are
engaged in the project initiation phase.
Which activity should you implement during this phase?
A certification and accreditation
B defining formal functional baseline
C functionality and performance tests
D identification of threats and vulnerabilities D
Which Web browser add-in uses Authenticode for security?
A Common Gateway Interface (CGI)
B ActiveX
C Cross-site scripting (XSS)
D Java B
Which statement correctly defines the multipart virus?
4|Page
