Secure-Software-Design Exam Dumps - WGU Secure Software Design (D487) Exam

Question # 17

After being notified of a vulnerability in the company’s online payment system, the Product Security Incident Response Team (PSIRT) was unable to recreate the vulnerability in a testing lab.

What is the response team’s next step?

A. Determine the Severity of the Vulnerability

B. Notify the Reporter That the Case Is Going to Be Closed

C. Determine How the Reporter Was Able to Create the Vulnerability

D. Identify Resources and Schedule the Fix

Question # 18

Which category classifies identified threats that have some defenses in place and expose the application to limited exploits?

A. Fully Mitigated Threat

B. Unmitigated Threats

C. Threat Profile

D. Partially Mitigated Threat

Question # 19

A security architect is creating a data flow diagram and draws an arrow between two circles.

What does the arrow represent?

A. Data Store

B. External Entity

C. Process

D. Data Flow

Question # 20

What is the protection of information and information systems from unauthorized access, use, disclosure, disruption, modification, or distribution to provide confidentiality, integrity, and availability?

A. Availability

B. Integrity

C. Confidentiality

D. Information Security

Question # 21

Which category classifies identified threats that have defenses in place and do not expose the application to exploits?

A. Threat Profile

B. Fully Mitigated Threat

C. Partially Mitigated Threat

D. Unmitigated Threats

Question # 22

Which type of security analysis is limited by the fact that a significant time investment of a highly skilled team member is required?

A. Fuzz testing

B. Dynamic code analysis

C. Manual code review

D. Static code analysis

Question # 23

A public library needs to implement security control on publicly used computers to prevent illegal downloads.

Which security control would prevent this threat?

A. Nonrepudiation

B. Authentication

C. Integrity

D. Availability

Question # 24

Which type of manual code review technique is being used when the reviewer starts at an input control and traces its value through the application to each of the value's outputs?

A. Risk analysis

B. Control flow analysis

C. Data flow analysis

D. Threat analysis
