1|Page
WGU D487 OA SECURE SOFTWARE DESIGN
OBJECTIVE ASSESSMENT EXAM ACCURATE AND
FREQUENTLY TESTED QUESTIONS AND 100%
CORRECT ANSWERS|| LATEST AND COMPLETE
UPDATE WITH EXPERT VERIFIED SOLUTIONS||
SURE PASS
What is the application of multiple layers of protection so that, if one layer is
breached, the next layer provides protection?
-fail-safe
-defense-in-depth
-separation of duties
-open design - ✔✔✔ - ANSWER: > -defense in depth
what is the analysis of computer software that is performed by executing programs
on a real or virtual processor in real time?
-dynamic analysis
-static analysis
-fuzzing
-security testing - ✔✔✔ - ANSWER: > -dynamic analysis
which person is responsible for designing, planning, and implementing secure
coding practices and security testing methodologies?
-software security architect
-product security developer
,2|Page
-software security champion
-software tester - ✔✔✔ - ANSWER: > -software security architect
what is a list of information security vulnerabilities that aims to provide names for
publicly known problems?
-common computer vulnerabilities and exposures (CVE)
- SANS institute top cyber security risks
-bugtraq
- Carnegie melon computer emergency readiness team (CERT) - ✔✔✔ -
ANSWER: > -common computer vulnerabilities and exposures (CVE)
which secure coding best practice uses well-tested, publicly available algorithms to
hide product data from unauthorized access?
-access control
-authentication and password management
-cryptographic practices
-data protection - ✔✔✔ - ANSWER: > -cryptographic practices
which secure coding best practice ensures servers, frameworks, and system
components are all running the latest approved versions?
-file management
-input validation
-database security
, 3|Page
-system configuration - ✔✔✔ - ANSWER: > -system configuration
Which secure coding best practice says to use parameterized queries, encrypted
connection strings stored in separate configuration files, and strong passwords or
multi-factor authentication?
-access control
-database security
-file management
-session management - ✔✔✔ - ANSWER: > -database security
which secure coding best practice says that all information passed to other systems
should be encrypted?
-output encoding
-memory management
-communication security
-database security - ✔✔✔ - ANSWER: > -communication security
A company is preparing to add a new feature to its flagship software product. The
new feature is similar to features that have been added in previous years, and the
requirements are well-documented. The project is expected to last three to four
months, at which time the new feature will be released to customers. Project team
members will focus solely on the new feature until the project ends. Which
software development methodology is being used?
-Agile
-Waterfall
-Scrum
WGU D487 OA SECURE SOFTWARE DESIGN
OBJECTIVE ASSESSMENT EXAM ACCURATE AND
FREQUENTLY TESTED QUESTIONS AND 100%
CORRECT ANSWERS|| LATEST AND COMPLETE
UPDATE WITH EXPERT VERIFIED SOLUTIONS||
SURE PASS
What is the application of multiple layers of protection so that, if one layer is
breached, the next layer provides protection?
-fail-safe
-defense-in-depth
-separation of duties
-open design - ✔✔✔ - ANSWER: > -defense in depth
what is the analysis of computer software that is performed by executing programs
on a real or virtual processor in real time?
-dynamic analysis
-static analysis
-fuzzing
-security testing - ✔✔✔ - ANSWER: > -dynamic analysis
which person is responsible for designing, planning, and implementing secure
coding practices and security testing methodologies?
-software security architect
-product security developer
,2|Page
-software security champion
-software tester - ✔✔✔ - ANSWER: > -software security architect
what is a list of information security vulnerabilities that aims to provide names for
publicly known problems?
-common computer vulnerabilities and exposures (CVE)
- SANS institute top cyber security risks
-bugtraq
- Carnegie melon computer emergency readiness team (CERT) - ✔✔✔ -
ANSWER: > -common computer vulnerabilities and exposures (CVE)
which secure coding best practice uses well-tested, publicly available algorithms to
hide product data from unauthorized access?
-access control
-authentication and password management
-cryptographic practices
-data protection - ✔✔✔ - ANSWER: > -cryptographic practices
which secure coding best practice ensures servers, frameworks, and system
components are all running the latest approved versions?
-file management
-input validation
-database security
, 3|Page
-system configuration - ✔✔✔ - ANSWER: > -system configuration
Which secure coding best practice says to use parameterized queries, encrypted
connection strings stored in separate configuration files, and strong passwords or
multi-factor authentication?
-access control
-database security
-file management
-session management - ✔✔✔ - ANSWER: > -database security
which secure coding best practice says that all information passed to other systems
should be encrypted?
-output encoding
-memory management
-communication security
-database security - ✔✔✔ - ANSWER: > -communication security
A company is preparing to add a new feature to its flagship software product. The
new feature is similar to features that have been added in previous years, and the
requirements are well-documented. The project is expected to last three to four
months, at which time the new feature will be released to customers. Project team
members will focus solely on the new feature until the project ends. Which
software development methodology is being used?
-Agile
-Waterfall
-Scrum
