WGUSecure Software Design (KEO1) Exam (Secure-Software-Design) Free Practice Test

Question 1

A legacy application has been replaced by a new product that provides mobile capabilities to the company's customer base. The two products have run concurrently for the last three months to provide a fallback if the new product experienced a large-scale failure. The time has come to turn off access to the legacy application.
Which phase of the Software Development Life Cycle (SDLC) is being described?

A. Design

B. Planning

C. End of Life

D. Maintenance

Correct Answer: C

Explanation: Only visible for TestSimulate members. You can sign-up / login (it's free).

Question 2

Which secure coding best practice ensures sensitive information is not disclosed in any responses to users, authorized or unauthorized?

A. Input Validation

B. System Configuration

C. Authentication and Password Management

D. Error Handling and Logging

Correct Answer: D

Question 3

A company is moving forward with a new product. Product scope has been determined, teams have formed, and backlogs have been created. Developers are actively writing code for the new product, with one team concentrating on delivering data via REST services, one Team working on the mobile apps, and a third team writing the web application.
Which phase of the software development lifecycle (SDLC) is being described?

A. Implementation

B. Design

C. Deployment

D. Requirements

Correct Answer: A

Explanation: Only visible for TestSimulate members. You can sign-up / login (it's free).

Question 4

During fuzz testing of the new product, random values were entered into input elements Search requests were sent to the correct API endpoint but many of them failed on execution due to type mismatches.
How should existing security controls be adjusted to prevent this in the future?

A. Ensure all user input data is validated prior to transmitting requests

B. Ensure sensitive transactions can be traced through an audit log

C. Ensure all requests and responses are encrypted

D. Ensure the contents of authentication cookies are encrypted

Correct Answer: A

Explanation: Only visible for TestSimulate members. You can sign-up / login (it's free).

Question 5

Which secure software design principle states that it is always safer to require agreement of more than one entity to make a decision?

A. Separation of Privileges

B. Psychological Acceptability

C. Total Mediation

D. Least Privilege

Correct Answer: A

Question 6

Which mitigation technique can be used to fight against a denial of service threat?

A. Throttling

B. Timestamps

C. Digital signatures

D. Protect secrets

Correct Answer: A

Explanation: Only visible for TestSimulate members. You can sign-up / login (it's free).

Question 7

The software security team prepared a detailed schedule napping security development lifecycle phases to the type of analysis they will execute.
Which design and development deliverable aid the team prepare?

A. Security test plans

B. Privacy implementation assessment results

C. Updated threat modeling artifacts

D. Design security review

Correct Answer: A

Explanation: Only visible for TestSimulate members. You can sign-up / login (it's free).

Welcome to TestSimulate

WGUSecure Software Design (KEO1) (Secure-Software-Design) Free Practice Test