Weekend Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: Board70

Secure-Software-Design Exam Dumps - WGU Courses and Certificates Questions and Answers

Question # 14

What sits between a browser and an internet connection and alters requests and responses in a way the developer did not intend?

Options:

A.

Load testing

B.

Input validation

C.

Intercept proxy

D.

Reverse engineering

Buy Now
Question # 15

Which secure coding best practice ensures sensitive information is not disclosed in any responses to users, authorized or unauthorized?

Options:

A.

Authentication and Password Management

B.

Input Validation

C.

System Configuration

D.

Error Handling and Logging

Buy Now
Question # 16

Which category classifies identified threats that do not have defenses in place and expose the application to exploits?

Options:

A.

Fully mitigated threat

B.

Threat profile

C.

Unmitigated threats

D.

Partially mitigated threat

Buy Now
Question # 17

Which secure coding best practice ensures sensitive information is not disclosed in any responses to users, authorized or unauthorized?

Options:

A.

Input validation

B.

System configuration

C.

Authentication and password management

D.

Error handling and logging

Buy Now
Question # 18

Which mitigation technique is used to fight against an identity spoofing threat?

Options:

A.

Require user authorization

B.

Filtering

C.

Audit trails

D.

Encryption

Buy Now
Question # 19

Which type of security analysis is performed by injecting malformed data into open interfaces of an executable or running application and is most commonly executed during the testing or deployment phases of the SDLC?

Options:

A.

Static Analysis

B.

Fuzz Testing

C.

Dynamic Analysis

D.

Manual Code Review

Buy Now
Question # 20

Which secure coding practice involves clearing all local storage as soon as a user logs of for the night and will automatically log a user out after an hour of inactivity?

Options:

A.

Access control

B.

System configuration

C.

Communication security

D.

Session management

Buy Now
Question # 21

Which type of security analysis is limited by the fact that a significant time investment of a highly skilled team member is required?

Options:

A.

Fuzz testing

B.

Dynamic code analysis

C.

Manual code review

D.

Static code analysis

Buy Now
Question # 22

The scrum team decided that before any change can be merged and tested, it must be looked at by the learns lead developer, who will ensure accepted coding patterns are being followed and that the code meets the team's quality standards.

Which category of secure software best practices is the team performing?

Options:

A.

Architecture analysis

B.

Penetration testing

C.

Code review

D.

Training

Buy Now
Question # 23

In which step of the PASTA threat modeling methodology is vulnerability and exploit analysis performed?

Options:

A.

Define technical scope

B.

Attack modeling

C.

Define objectives

D.

Application decomposition

Buy Now
Exam Name: WGU Secure Software Design (D487) Exam
Last Update: Mar 15, 2025
Questions: 113
Secure-Software-Design pdf

Secure-Software-Design PDF

$25.5  $84.99
Secure-Software-Design Engine

Secure-Software-Design Testing Engine

$28.5  $94.99
Secure-Software-Design PDF + Engine

Secure-Software-Design PDF + Testing Engine

$40.5  $134.99