WGU MASTER'S COURSE C706 - SECURE SOFTWARE
DESIGN EXAM LATEST 2025-2026 ACTUAL EXAM 400
QUESTIONS AND CORRECT DETAILED ANSWERS WITH
RATIONALES (VERIFIED ANSWERS) |ALREADY GRADED A+
WhatAisAaAstepAforAconstructingAaAthreatAmodelAforAaAprojectAwhenAusingApracticalAriskAanalysis?
AAAlignAyourAbusinessAgoals
BAApplyAengineeringAmethods
CAEstimateAprobabilityAofAprojectAtime
DAMakeAaAlistAofAwhatAyouAareAtryingAtoAprotectA-AANSWER-D
WhichAcyberAthreatsAareAtypicallyAsurgicalAbyAnature,AhaveAhighlyAspecificAtargeting,AandAareAtechnologi
callyAsophisticated?
AATacticalAattacks
BACriminalAattacks
CAStrategicAattacks
DAUser-specificAattacksA-AANSWER-A
WhichAtypeAofAcyberattacksAareAoftenAintendedAtoAelevateAawarenessAofAaAtopic?
AACyberwarfare
BATacticalAattacks
CAUser-specificAattacks
DASociopoliticalAattacksA-AANSWER-D
WhatAtypeAofAattackAlocksAaAuser'sAdesktopAandAthenArequiresAaApaymentAtoAunlockAit?
AAPhishing
, WGU MASTER'S COURSE C706 - SECURE SOFTWARE
DESIGN EXAM LATEST 2025-2026 ACTUAL EXAM 400
QUESTIONS AND CORRECT DETAILED ANSWERS WITH
RATIONALES (VERIFIED ANSWERS) |ALREADY GRADED A+
BAKeylogger
CARansomware
DADenial-of-serviceA-AANSWER-C
WhatAisAaAcountermeasureAagainstAvariousAformsAofAXMLAandAXMLApathAinjectionAattacks?
AAXMLAnameAwrapping
BAXMLAunicodeAencoding
CAXMLAattributeAescaping
DAXMLAdistinguishedAnameAescapingA-AANSWER-C
WhichAcountermeasureAisAusedAtoAmitigateASQLAinjectionAattacks?
AASQLAFirewall
BAProjectedAbijection
CAQueryAparameterization
DAProgressiveAColdFusionA-AANSWER-C
WhatAisAanAappropriateAcountermeasureAtoAanAescalationAofAprivilegeAattack?
AAEnforcingAstrongApasswordApolicies
BAUsingAstandardAencryptionAalgorithmsAandAcorrectAkeyAsizes
CAEnablingAtheAauditingAandAloggingAofAallAadministrationAactivities
DARestrictingAaccessAtoAspecificAoperationsAthroughArole-basedAaccessAcontrolsA-AANSWER-D
, WGU MASTER'S COURSE C706 - SECURE SOFTWARE
DESIGN EXAM LATEST 2025-2026 ACTUAL EXAM 400
QUESTIONS AND CORRECT DETAILED ANSWERS WITH
RATIONALES (VERIFIED ANSWERS) |ALREADY GRADED A+
WhichAconfigurationAmanagementAsecurityAcountermeasureAimplementsAleastAprivilegeAaccessAcontrol?
AAFollowingAstrongApasswordApoliciesAtoArestrictAaccess
BARestrictingAfileAaccessAtoAusersAbasedAonAauthorization
CAAvoidingAclearAtextAformatAforAcredentialsAandAsensitiveAdata
DAUsingAAESA256AencryptionAforAcommunicationsAofAaAsensitiveAnatureA-AANSWER-B
WhichAphaseAofAtheAsoftwareAdevelopmentAlifeAcycleA(SDL/SDLC)AwouldAbeAusedAtoAdetermineAtheAmi
nimumAsetAofAprivilegesArequiredAtoAperformAtheAtargetedAtaskAandArestrictAtheAuserAtoAaAdomainAwit
hAthoseAprivileges?
AADesign
BADeploy
CADevelopment
DAImplementationA-AANSWER-A
WhichAleastAprivilegeAmethodAisAmoreAgranularAinAscopeAandAgrantsAspecificAprocessesAonlyAtheAprivil
egesAnecessaryAtoAperformAcertainArequiredAfunctions,AinsteadAofAgrantingAthemAunrestrictedAaccessAt
oAtheAsystem?
AAEntitlementAprivilege
BASeparationAofAprivilege
CAAggregationAofAprivileges
DASegregationAofAresponsibilitiesA-AANSWER-B
WhyAdoesAprivilegeAcreepAposeAaApotentialAsecurityArisk?
, WGU MASTER'S COURSE C706 - SECURE SOFTWARE
DESIGN EXAM LATEST 2025-2026 ACTUAL EXAM 400
QUESTIONS AND CORRECT DETAILED ANSWERS WITH
RATIONALES (VERIFIED ANSWERS) |ALREADY GRADED A+
AAUserAprivilegesAdoAnotAmatchAtheirAjobArole.
BAWithAmoreAprivileges,AthereAareAmoreAresponsibilities.
CAAuditingAwillAshowAaAmismatchAbetweenAindividualAresponsibilitiesAandAtheirAaccessArights.
DAUsersAhaveAmoreAprivilegesAthanAtheyAneedAandAmayAperformAactionsAoutsideAtheirAjobAdescription.
A-AANSWER-D
AAsystemAdeveloperAisAimplementingAaAnewAsalesAsystem.ATheAsystemAdeveloperAisAconcernedAthatAun
authorizedAindividualsAmayAbeAableAtoAviewAsensitiveAcustomerAfinancialAdata.
WhichAfamilyAofAnonfunctionalArequirementsAshouldAbeAconsideredAasApartAofAtheAacceptanceAcriteria?
AAIntegrity
BAAvailability
CANonrepudition
DAConfidentialityA-AANSWER-D
AAprojectAmanagerAisAgivenAtheAtaskAtoAcomeAupAwithAnonfunctionalAacceptanceAcriteriaArequirements
AforAbusinessAownersAasApartAofAaAprojectAdelivery.
WhichAnonfunctionalArequirementAshouldAbeAappliedAtoAtheAacceptanceAcriteria?
AAGiveAsearchAoptionsAtoAusers
BAEvaluateAtestAexecutionAresults
CADivideAusersAintoAgroupsAandAgiveAthemAseparateArights
DADevelopAsoftwareAthatAkeepsAdownwardAcompatibilityAintactA-AANSWER-B
DESIGN EXAM LATEST 2025-2026 ACTUAL EXAM 400
QUESTIONS AND CORRECT DETAILED ANSWERS WITH
RATIONALES (VERIFIED ANSWERS) |ALREADY GRADED A+
WhatAisAaAstepAforAconstructingAaAthreatAmodelAforAaAprojectAwhenAusingApracticalAriskAanalysis?
AAAlignAyourAbusinessAgoals
BAApplyAengineeringAmethods
CAEstimateAprobabilityAofAprojectAtime
DAMakeAaAlistAofAwhatAyouAareAtryingAtoAprotectA-AANSWER-D
WhichAcyberAthreatsAareAtypicallyAsurgicalAbyAnature,AhaveAhighlyAspecificAtargeting,AandAareAtechnologi
callyAsophisticated?
AATacticalAattacks
BACriminalAattacks
CAStrategicAattacks
DAUser-specificAattacksA-AANSWER-A
WhichAtypeAofAcyberattacksAareAoftenAintendedAtoAelevateAawarenessAofAaAtopic?
AACyberwarfare
BATacticalAattacks
CAUser-specificAattacks
DASociopoliticalAattacksA-AANSWER-D
WhatAtypeAofAattackAlocksAaAuser'sAdesktopAandAthenArequiresAaApaymentAtoAunlockAit?
AAPhishing
, WGU MASTER'S COURSE C706 - SECURE SOFTWARE
DESIGN EXAM LATEST 2025-2026 ACTUAL EXAM 400
QUESTIONS AND CORRECT DETAILED ANSWERS WITH
RATIONALES (VERIFIED ANSWERS) |ALREADY GRADED A+
BAKeylogger
CARansomware
DADenial-of-serviceA-AANSWER-C
WhatAisAaAcountermeasureAagainstAvariousAformsAofAXMLAandAXMLApathAinjectionAattacks?
AAXMLAnameAwrapping
BAXMLAunicodeAencoding
CAXMLAattributeAescaping
DAXMLAdistinguishedAnameAescapingA-AANSWER-C
WhichAcountermeasureAisAusedAtoAmitigateASQLAinjectionAattacks?
AASQLAFirewall
BAProjectedAbijection
CAQueryAparameterization
DAProgressiveAColdFusionA-AANSWER-C
WhatAisAanAappropriateAcountermeasureAtoAanAescalationAofAprivilegeAattack?
AAEnforcingAstrongApasswordApolicies
BAUsingAstandardAencryptionAalgorithmsAandAcorrectAkeyAsizes
CAEnablingAtheAauditingAandAloggingAofAallAadministrationAactivities
DARestrictingAaccessAtoAspecificAoperationsAthroughArole-basedAaccessAcontrolsA-AANSWER-D
, WGU MASTER'S COURSE C706 - SECURE SOFTWARE
DESIGN EXAM LATEST 2025-2026 ACTUAL EXAM 400
QUESTIONS AND CORRECT DETAILED ANSWERS WITH
RATIONALES (VERIFIED ANSWERS) |ALREADY GRADED A+
WhichAconfigurationAmanagementAsecurityAcountermeasureAimplementsAleastAprivilegeAaccessAcontrol?
AAFollowingAstrongApasswordApoliciesAtoArestrictAaccess
BARestrictingAfileAaccessAtoAusersAbasedAonAauthorization
CAAvoidingAclearAtextAformatAforAcredentialsAandAsensitiveAdata
DAUsingAAESA256AencryptionAforAcommunicationsAofAaAsensitiveAnatureA-AANSWER-B
WhichAphaseAofAtheAsoftwareAdevelopmentAlifeAcycleA(SDL/SDLC)AwouldAbeAusedAtoAdetermineAtheAmi
nimumAsetAofAprivilegesArequiredAtoAperformAtheAtargetedAtaskAandArestrictAtheAuserAtoAaAdomainAwit
hAthoseAprivileges?
AADesign
BADeploy
CADevelopment
DAImplementationA-AANSWER-A
WhichAleastAprivilegeAmethodAisAmoreAgranularAinAscopeAandAgrantsAspecificAprocessesAonlyAtheAprivil
egesAnecessaryAtoAperformAcertainArequiredAfunctions,AinsteadAofAgrantingAthemAunrestrictedAaccessAt
oAtheAsystem?
AAEntitlementAprivilege
BASeparationAofAprivilege
CAAggregationAofAprivileges
DASegregationAofAresponsibilitiesA-AANSWER-B
WhyAdoesAprivilegeAcreepAposeAaApotentialAsecurityArisk?
, WGU MASTER'S COURSE C706 - SECURE SOFTWARE
DESIGN EXAM LATEST 2025-2026 ACTUAL EXAM 400
QUESTIONS AND CORRECT DETAILED ANSWERS WITH
RATIONALES (VERIFIED ANSWERS) |ALREADY GRADED A+
AAUserAprivilegesAdoAnotAmatchAtheirAjobArole.
BAWithAmoreAprivileges,AthereAareAmoreAresponsibilities.
CAAuditingAwillAshowAaAmismatchAbetweenAindividualAresponsibilitiesAandAtheirAaccessArights.
DAUsersAhaveAmoreAprivilegesAthanAtheyAneedAandAmayAperformAactionsAoutsideAtheirAjobAdescription.
A-AANSWER-D
AAsystemAdeveloperAisAimplementingAaAnewAsalesAsystem.ATheAsystemAdeveloperAisAconcernedAthatAun
authorizedAindividualsAmayAbeAableAtoAviewAsensitiveAcustomerAfinancialAdata.
WhichAfamilyAofAnonfunctionalArequirementsAshouldAbeAconsideredAasApartAofAtheAacceptanceAcriteria?
AAIntegrity
BAAvailability
CANonrepudition
DAConfidentialityA-AANSWER-D
AAprojectAmanagerAisAgivenAtheAtaskAtoAcomeAupAwithAnonfunctionalAacceptanceAcriteriaArequirements
AforAbusinessAownersAasApartAofAaAprojectAdelivery.
WhichAnonfunctionalArequirementAshouldAbeAappliedAtoAtheAacceptanceAcriteria?
AAGiveAsearchAoptionsAtoAusers
BAEvaluateAtestAexecutionAresults
CADivideAusersAintoAgroupsAandAgiveAthemAseparateArights
DADevelopAsoftwareAthatAkeepsAdownwardAcompatibilityAintactA-AANSWER-B
