SOFTWARE DESIGN (KE01) (PKEO) EXAM WITH 100% CORRECT AND VERIFIED ANSWERS
1 of 60
Term
The enterprise security team discovered a vulnerability in a third-party logging tool that could allow unauthorized access to application logs. The vulnerability is fixed in a new release of the third-party product. How should existing security controls be adjusted to prevent this in the future?
Ensure third-party libraries are kept up to date and reviewed consistently.
Ensure passwords and private information are not logged
Ensure log files provide audit trails for sensitive transactions
Ensure auditing and logging are enabled on all servers
2 of 60
Term
A new product will require an administration section for a small number of users. Normal users will be able to view limited customer information and should not see admin functionality within the application. Which concept is being used?
Principle of organizations
Principle of greatest privilege
Principle of least privilege
Principle of need to know
3 of 60
Term
Which secure coding best practice says to use parameterized queries, encrypted connection strings stored in separate configuration files, and strong passwords or multi-factor authentication?
Database security
Software security
Communication security
Database recovery
4 of 60
Term
The organization's testing team has created a catalog of test cases using the source code and design documentation of the new product. Each test case will be executed for each user role in the new product. Which type of security testing technique is being performed?
Bug Bounty
White-box
Gray-box
Black-box