WGU C706 Secure Software Design Exam (Latest 2023/ 2024 Update) | Questions and Verified Answers| 100% Correct| Grade A

WGU C706 Secure Software Design Exam

(Latest 2023/ 2024 Update) | Questions and

Verified Answers| 100% Correct| Grade A

Q: A hacker has used a design flaw in an application to obtain unauthorized access to the

application.

Which type of attack has occurred?

A buffer overflow

B backdoor

C escalation of privileges

D maintenance hook

Answer:

C

Q: During the recent development of a new application, the customer requested a change. You

must implement this change according to the change control process.

What is the first step you should implement?

A Analyze the change request.

B Submit the change results to the management.

C Acquire management approval.

D Record the change request.

Answer:

A

Q: Which interface language is an application programming interface (API) that can be

configured to allow any application to query databases?

A JDBC

B XML

C OLE DB

D ODBC

Answer:

D

Q: Which type of channel is used when one process writes data to a hard drive and another

process reads it?

A covert storage channel

B overt storage channel

C overt timing channel

D covert timing channel

Answer:

A

Q: Which type of malicious attack uses Visual Basic scripting?

A dumpster diving attack

B denial of service attack

C Trojan horse attack

D social engineering attack

Answer:

C

Q: All of the following are countermeasures for session management attacks, EXCEPT:

A Implement pre- and post-validation controls.

B Encrypt cookies that include information about the state of the connection.

C Implement time stamps or time-based validation.

D Implement randomized session IDs.

Answer:

A

Q: Which tool assists in application development design layout as a part of application

development life cycle?

A Aggregation

B Delphi

C Spiral

D CASE

Answer:

D

Q: What is a characteristic of maintaining logs in a system?

A Logging provides access control by authenticating user credentials.

B Logging helps an administrator to detect security breaches and vulnerable points in a network.

C Logging provides audit trails but enhances security violations.

D Logging prevents security violations but only deals with passive monitoring.

Answer:

B

Q: Your company has purchased an expert system that uses if-then-else reasoning to obtain

more data than is currently available.

Which expert system processing technique is being implemented?

A forward-chaining technique

B backward-chaining technique

C waterfall model

D spiral model

Answer:

A

Q: Which type of malicious code is hidden inside an otherwise benign program when the

program is written?

A worm

B logic bomb

C Trojan horse

D virus

Answer:

C

Q: Which statement is true of a software development life cycle?

A Parallel testing verifies whether more than one system is available for redundancy.

B A software programmer should be the only person to develop the software, test it, and submit

it to production

C Unit testing should be performed by the developer and the quality assurance team.

D Workload testing should be performed while designing the functional requirements.

Answer:

C

Q: Your organization has several diskless computer kiosks that boot via optical media located

in the office lobby. Recently, users reported that the diskless computers have been infected with

a virus.

What should you do to ensure the virus is removed?

A Launch an anti-virus program on the diskless computers via a USB flash drive.

B Remotely launch an anti-virus program on the diskless computers.

C Reboot the server to which the diskless computers connect.

D Reboot the diskless computers.

Answer:

D