100% satisfaction guarantee Immediately available after payment Both online and in PDF No strings attached
logo-home
WGU C706 Secure Software Design Study Guide Questions and Answers Latest Update Assured Success.. $17.99   Add to cart

Exam (elaborations)

WGU C706 Secure Software Design Study Guide Questions and Answers Latest Update Assured Success..

 1 view  0 purchase
  • Course
  • Institution

WGU C706 Secure Software Design Study Guide Questions and Answers Latest Update Assured Success..docx

Preview 3 out of 21  pages

  • December 2, 2023
  • 21
  • 2023/2024
  • Exam (elaborations)
  • Questions & answers
avatar-seller
WGU C706 Secure Software Design Study Guide
Questions and Answers 2022-2023 Latest Update
Assured Success.
1. Confidentiality - ✅✅Information is not made available or disclosed to
unauthorized individuals, entities, or processes. Ensures unauthorized
persons are not able to read private and sensitive data. It is achieved
through cryptography.


2. Integrity - ✅✅Ensures unauthorized persons or channels are not able to
modify the data. It is accomplished through the use of a message digest or
digital signatures.


3. Availability - ✅✅The computing systems used to store and process
information, the security controls used to protect information, and the
communication channels used to access information must be functioning
correctly. Ensures system remains operational even in the event of a failure
or an attack. It is achieved by providing redundancy or fault tolerance for a
failure of a system and its components.


4. Ensure Confidentiality - ✅✅Public Key Infrastructure (PKI) and
Cryptography/Encryption


5. Ensure Availability - ✅✅Offsite back-up and Redundancy


6. Ensure Integrity - ✅✅Hashing, Message Digest (MD5), non repudiation
and digital signatures




P a g e 1 | 21

,7. Software Architect - ✅✅Moves analysis to implementation and analyzes
the requirements and use cases as activities to perform as part of the
development process; can also develop class diagrams.


8. Security Practitioner Roles - ✅✅Release Manager,
9. Architect, Developer, Business Analyst/Project Manager


10.Release Manager - ✅✅Deployment


11.Architect - ✅✅Design


12.Developer - ✅✅Coding


13.Business Analyst/Project Manager - ✅✅Requirements Gathering


14.Red Team - ✅✅Teams of people familiar with the infrastructure of the
company and the languages of the software being developed. Their mission
is to kill the system as the developers build it.


15.Static Analysis - ✅✅A method of computer program debugging that is
done by examining the code without executing the program. The process
provides an understanding of the code structure, and can help to ensure
that the code adheres to industry standards. It's also referred as code
review.


16.MD5 Hash - ✅✅A widely used hash function producing a 128-bit hash
value. Initially designed to be used as a cryptographic hash function, it has
been found to suffer from extensive vulnerabilities. It can still be used as a
checksum to verify data integrity, but only against unintentional corruption.
P a g e 2 | 21

, 17.SHA-256 (Secure Hash Algorithm) - ✅✅One of a number of cryptographic
hash functions. A cryptographic hash is like a signature for a text or a data
file. Generates an almost-unique, fixed size 32-byte
18.(32 X 8) hash. Hash is a one-way function - it cannot be decrypted.


19.Advanced Encryption Standard (AES) - ✅✅A symmetric encryption
algorithm. The algorithm was developed by two Belgian cryptographers
Joan Daemen and Vincent Rijmen. Designed to be efficient in both
hardware and software, and supports a block length of 128 bits and key
lengths of 128, 192, and 256 bits.


20.Algorithms used to verify integrity - ✅✅MD5 Hash, SHA-256


21.Algorithm used to verify confidentiality - ✅✅Advanced Encryption
Standard (AES)


22.Stochastic - ✅✅unintentional or accidental


23.safety-relevant faults - ✅✅stochastic (i.e., unintentional or accidental)


24.security-relevant faults - ✅✅"Sponsored," i.e., intentionally created and
activated through conscious and intentional human agency.


25.Fuzz Testing - ✅✅Used to see if the system has solid exception handling to
the input it receives. Is the use of malformed or random input into a system
in order to intentionally produce failure. This is a very easy process of
feeding garbage to the system when it expects a formatted input, and it is
always a good idea to feed as much garbage as possible to an input field.

P a g e 3 | 21

The benefits of buying summaries with Stuvia:

Guaranteed quality through customer reviews

Guaranteed quality through customer reviews

Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.

Quick and easy check-out

Quick and easy check-out

You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.

Focus on what matters

Focus on what matters

Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!

Frequently asked questions

What do I get when I buy this document?

You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.

Satisfaction guarantee: how does it work?

Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.

Who am I buying these notes from?

Stuvia is a marketplace, so you are not buying this document from us, but from seller Lectjoe. Stuvia facilitates payment to the seller.

Will I be stuck with a subscription?

No, you only buy these notes for $17.99. You're not tied to anything after your purchase.

Can Stuvia be trusted?

4.6 stars on Google & Trustpilot (+1000 reviews)

67096 documents were sold in the last 30 days

Founded in 2010, the go-to place to buy study notes for 14 years now

Start selling

Recently viewed by you


$17.99
  • (0)
  Add to cart