WGU MASTER'S COURSE C706 - SECURE SOFTWARE DESIGN EXAM LATEST 2024 ACTUAL EXAM 400 QUESTIONS AND CORRECT DETAILED ANSWERS WITH RATIONALES (VERIFIED ANSWERS) |ALREADY GRADED A+
Seller: tutorsection1
SDL - ANSWER: Security Development Lifecycle
SDLC - ANSWER: Software Development Life Cycle
Software Security - ANSWER: Building security into the software through an SDL in an
SDLC
Application Security - ANSWER: Protecting the software and the systems on which it
runs after release
the C.I.A model - ANSWER: The core elements of security
PITAC - ANSWER: President's Information Technology Advisory Committee
Quality and Security - ANSWER: In terms of coding defects, the product not only has
to work right, it also has to be secure
Trustworthy Computing (TwC) - ANSWER: The team which formed the concept that
led to Microsoft Security Development Lifecycle
Static Analysis Tools - ANSWER: Tools that look for a fixed pattern or rules in the
code in a manner similar to virus checking programs
Authorization - ANSWER: Ensures that the user has the appropriate role and privilege
Authentication - ANSWER: Ensures that the user is who he or she claims to be and
that data come from the appropriate place
Threat Modeling - ANSWER: To understand the potential security threats to the
system, determine risk, and establish appropriate mitigations. Applies principles such
as least privilege and defense-in-depth; requires human expertise and not tools to
accomplish
Attack Surface - ANSWER: The entry points and exit points of an application that may
be accessible to an attacker
Agile Method - ANSWER: A time-boxed iterative approach that facilitates a rapid and
flexible response to change, which in turn encourages evolutionary development and
delivery while promoting adaptive planning, development, teamwork, collaboration,
and process adaptability throughout the lifecycle of the project
Bugtraq IDs - ANSWER: Identifiers for a commercially operated vulnerability that are
used in security advisories and alerts, as well as for discussions on the mailing list
Building Security in Maturity Model (BSIMM) - ANSWER: A study of real-world
software security initiatives organized so that you can determine where you stand
with your software security initiatives and how to evolve efforts over time
Common Vulnerability Scoring System (CVSS) - ANSWER: Provides an open
framework for communicating the characteristics and impacts of IT vulnerabilities
Dynamic program analysis - ANSWER: The analysis of computer software that is
performed by executing programs on a real or virtual processor in real time
GRC - ANSWER: Governance, Risk and Compliance
ISMS - ANSWER: Information Security Management System
ISO/IEC - ANSWER: International Organization for Standardization (ISO) /
International Electrotechnical Commission (IEC).
ISO/IEC 27001 - ANSWER: A standard that specifies a management system intended
to bring information security under formal management control
ISO/IEC 27034 - ANSWER: A standard that provides guidance to help organizations
embed security within their processes that help secure applications running in the
environment
ISO/IEC 27034-1:2011 - ANSWER: A standard for application security which offers a
concise, internationally recognized way to get transparency into vendor/supplier's
software security management process
Iterative Waterfall Development Model - ANSWER: An approach that carries less risk
than traditional approaches but is more risky and less efficient and the overall
project is divided into various phases, each executed using the traditional method
Lean - ANSWER: Focuses on features rather than groups of features, you select, plan,
develop, test, and deploy one feature before you select, plan, develop, test, and
deploy the next feature