C706 WGU EXAM QUESTIONS WITH 100% ANSWERS
Open Design Security Principle - -security of a mechanism should not
depend on the secrecy of its design or implementation
-Strategic attacks - -use general targeting against a broad industry. Highly
repeatable and
-Tactical attacks - -surgical by nature, have highly specific targeting, and
are technologically sophisticated
-User specific attacks - -can be strategic, tactical, or personal in nature, and
target personal devices that may be either consumer or enterprise owned.
-Socio-political attacks - -intended to elevate awareness of a topic such as
politics or social movements.
-Fail Safe Security Principle - -unless a subject is given explicit access to an
object, it should be denied access to that object.
-Complete Mediation Security Principle - -requires that all accesses to
objects be checked to ensure they are allowed. Whenever a subject
attempts to read an object, the operating system should mediate the action.
-Defense in Depth - -Using multiple layers of security to defend your assets.
-Software Assurance Maturity Model (SAMM) - -an approach that provides
an opportunity to improve the software development life cycle by tailoring
the process to the specific risks facing the organization.
-Configuration Control (SCM) - -Ensures that changes to software versions
are made in accordance with the change and configuration management
policies.
-Request Control (SCM) - -provides users with a framework to request
changes and developers with the opportunity to prioritize those requests.
-Privacy Impact Assessment (PIA) - -Activities for compliance include
ensuring collected information is only used for intended purposes,
information is timely and accurate, and the public is
-XML attribute escaping - -a countermeasure against various forms of XML
and XML path injection attacks.
-Nonfunctional acceptance criteria - -form measurable criteria that can be
used to gauge the success of an overall system, solution, or product.
Defined in terms of metrics (something that can be measured about the
system).
Example: reviewing test results, areas such as efficiency, privacy,
confidentiality, authorization, etc.
-Functional acceptance criteria - -describes the behavior of the system as it
relates to the system's functionality.
- ex: a system must send an email whenever a certain condition is met.
The condition could include an order being placed, a customer signing up for
something, etc.
-TCP three-way handshake - -SYN, SYN/ACK, ACK
-Parallel run - -a component of the change management process that has
the new system and the old system operating at the same time.
-Direct cutover - -on a particular date, the old systems stop being used and
new systems are used.
This implementation is quicker and cheaper but it is risky. If the new
implementation has an operational problem or is not properly prepared, it
could be an incident for the organization.
-Phased approach - -different functions of the new applications are used as
functions from the old system are turned off.
-Backout procedure - -specifies the processes required to restore a system
to its original or earlier state, in the event of a failed or aborted
implementation.
-Positive testing - -system works as expected with expected data.
Determine if the application works as expected.
-Negative testing - -How the system behaves with unexpected data (should
reject the data). Ensures that your application can gracefully handle invalid
input or unexpected user behavior.
-Application interface testing - -Used to validate whether systems or
components pass data and control information properly.
Stuvia is a marketplace, so you are not buying this document from us, but from seller Victorious23. Stuvia facilitates payment to the seller.