WGU D487: Secure Software Design
__., __., __., __., __.,
Actual Questions with 100% Correct __., __., __., __., __.,
Answers. __.,
What is the first phase in the security development life cycle?
__., __., __., __., __., __., __., __., __., __., __.,__., A1
__., __.,
Security Assessment
__.,
What are internal resources?
__., __., __., __.,__., resources from the company's
__., __., __., __., __.,
organization
What are secure testing scripts?
__., __., __., __., __.,__., __., scripts created specifically for the
__., __., __., __., __.,
application being tested __., __.,
What is white box testing?
__., __., __., __., __.,__., __., tests from an internal perspective with
__., __., __., __., __., __.,
full knowledge of the software
__., __., __., __.,
Which software security testing technique tests the software from an
__., __., __., __., __., __., __., __., __., __.,
external perspective?
__., black box __.,__., __., __.,
What are the three areas of compliance requirements?
__., __., __., __., __., __., __., __.,__., __., Legal, __.,
financial, and industry standards
__., __., __.,
What term refers to how the system should function based on the
__., __., __., __., __., __., __., __., __., __., __., __.,
environment in which the system will operate?
__., operational
__., __., __., __., __., __.,__., __., __.,
requirements
, Which practice in the Ship (A5) phase of the security development cycle
__., __., __., __., __., __., __., __., __., __., __., __.,
verifies whether the product meets security mandates?
__., A5 policy
__., __., __., __., __., __.,__., __., __., __.,
compliance analysis __.,
Which post- __.,
release support activity defines the process to communicate, identify, and
__., __., __., __., __., __., __., __., __., __.,
alleviate security threats?
__., PRSA1: External vulnerability disclosure
__., __.,__., __., __., __., __., __.,
response
What are two core practice areas of the OWASP Security Assurance
__., __., __., __., __., __., __., __., __., __., __.,
Maturity Model (OpenSAMM)? __., Governance, Construction __., __.,__., __., __.,
Which practice in the Ship (A5) phase of the security development cycle
__., __., __., __., __., __., __., __., __., __., __., __.,
uses tools to identify weaknesses in the product?
__., __., __., Vulnerability scan __., __., __., __., __.,__., __., __.,
Which post- __.,
release support activity should be completed when companies are joining
__., __., __., __., __., __., __., __., __., __.,
together? Security architectural reviews
__.,__., __., __., __.,
Which of the Ship (A5) deliverables of the security development cycle are
__., __., __., __., __., __., __., __., __., __., __., _
performed during the A5 policy compliance analysis?
_., __., Analyze __., __., __., __., __., __.,__., __., __.,
activities and standards __., __.,
Which of the Ship (A5) deliverables of the security development cycle are
__., __., __., __., __., __., __., __., __., __., __., _
performed during the code-assisted penetration testing?
_., __., white- __., __., __., __., __.,__., __.,
box security test
__., __.,