
WGU D487 PRE-ASSESSMENT: SECURE SOFTWARE DESIGN (KEO1) (PKEO) QUESTIONS AND ANSWERS 2024


Preview 2 out of 11  pages

  • September 22, 2024
Teacher101

A potential threat was discovered during functional testing of a file upload
component when a QA analyst was allowed to upload a shell script. Users should
only be allowed to upload image files. How should existing security controls be
adjusted to prevent this in the future? - ANSWERS-Validate all user input



The final security review determined that all security issues identified in testing
have been resolved and all SDL requirements have been met. What is the result of
the final security review? - ANSWERS-Passed



The security team is reviewing all threat models, identified vulnerabilities, and
documented requirements. They are also performing static and dynamic analysis
on the software product to determine if it is ready for release. Which activity of
the Ship SDL phase is being performed? - ANSWERS-Final security review



The security team is reviewing whether new security requirements, based on
identified threats or changes to organizational guidelines, can be implemented
prior to releasing the new product. Which activity of the Ship SDL phase is being
performed? - ANSWERS-Policy compliance analysis



An organizational security review discovered multiple database instances that
were installed using publicly available default settings, including security and
access. How should the organization remediate this vulnerability? - ANSWERS-
Ensure default accounts and passwords are disabled or removed

During penetration testing, an analyst discovered a DOM-based (document object
model) cross-site scripting vulnerability within the application's search bar that
could allow an attacker to insert malicious code. How should the organization
remediate this vulnerability? - ANSWERS-Enforce encoding of special characters



Application credentials are stored in the database using simple hashes to store
passwords. An undiscovered credential recovery flaw allowed a security analyst to
download the database and expose passwords using their GPU to crack the simple
encryption. How should the organization remediate this vulnerability? -
ANSWERS-Enforce the use of strong, salted hashing functions when storing
passwords



During functional testing, a QA analyst using a non-admin account caused an
application exception. After the exception was handled, the tester was able to
navigate to the admin section of the application by typing the URL directly into
the browser address bar. They were unable to force the same navigation before
the exception was thrown. How should the organization remediate this
vulnerability? - ANSWERS-Ensure user privileges are restored to the appropriate
level after exceptions



The product security incident response team (PSIRT) determined a reported
vulnerability was credible and of a high enough severity that it needs to be fixed.
What is the response team's next step? - ANSWERS-Identify resources and
schedule the fix
