WGU D487 PRE-ASSESSMENT: SECURE SOFTWARE DESIGN (KEO1) (PKEO) Exam Questions With Revised Correct Answers BEST UPDATED!!
6 views 0 purchase
Course
WGU D487 PRE-ASSESSMENT
Institution
WGU D487 PRE-ASSESSMENT
WGU D487 PRE-ASSESSMENT: SECURE
SOFTWARE DESIGN (KEO1) (PKEO)
Exam Questions With Revised Correct
Answers
BEST UPDATED!!
1) What are the 11 security design principles? - ANSWER
Least privilege, Separation of duties, Defense in depth, fail
safe, Economy of mechanism, Complete media...
1) What are the 11 security design principles? - ANSWER
Least privilege, Separation of duties, Defense in depth, fail-
safe, Economy of mechanism, Complete mediation, Open
Design, Least common mechanism, Psychological
acceptability, Weakest link, Leveraging existing
components
2) Software Security Maturity Models and the SDL
- ANSWER OWASP's Open Software Assurance Maturity
Model (OpenSAMM)
Building Security in Maturity Model
3) OpenSAMM: Governance
- ANSWER is centered on the processes and activities
related to how an organization manages overall software
development activities. More specifically, this includes
,concerns confronting cross-cut groups involved in development
as well as business processes that are established at the
organization level.
4) OpenSAMM: Construction
- ANSWER concerns the processes and activities related to
how an organization defines goals and creates software within
development projects. In general, this includes product
management, requirements gathering, high-level architecture
specifications, detailed design, and implementation.
5) OpenSAMM: Verification
- ANSWER focused on the processes and activities related
to how an organization checks and tests artifacts produced
throughout software development. This typically includes
quality assurance (QA) work such as testing, but it can also
include other review and evaluation activities.
6) OpenSAMM: Deployment
- ANSWER entails the processes and activities related to
how an organization manages the release of software that has
been created. This can involve shipping products to end users,
deploying products to internal or external hosts, and normal
operations of software in the runtime environment.
7) Governance Core Practice Areas
- ANSWER Strategy and Metrics (SM), Policy and
Compliance (PC), Education and Guidance (EG)
, 8) Construction Core Practice Areas
- ANSWER Threat Assessment (TA), Security Requirements
(SR), Secure Architecture (SA)
9) Verification Core Practice Areas
Design Review (DR), Code Review (CR), Security Testing (ST)
Deployment Core Practice Areas
Vulnerability Management (VM), Environment Hardening (EH),
Operation Enablement (OE)
The scrum team is attending their morning meeting, which is
scheduled atthe beginning of the work day. Each team member
reports what they accomplished yesterday, what they plan to
accomplish today, and if they have any impediments that may
cause them to miss their delivery deadline.
Daily scrum
Which secure coding best practice says to use parameterized
queries, encrypted connection strings stored in separate
configuration files, and strong passwords or multi-factor
authentication?
Database security
Which secure coding best practice says that all information
passed to other systems should be encrypted?
Communication security
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller EWLindy. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $12.99. You're not tied to anything after your purchase.
