Software Design Exam / WGU Master's Course C706 - Secure Software Design New 2023 / 2025 Update Questions and Verified Answers 100% Correct
Which due diligence activity for supply chain security should occur
in the initiation phase of the software acquisition life cycle?
A Developing a request for proposal (RFP) that includes supply
chain security risk management
B Lessening the risk of disseminating information during disposal
C Facilitating knowledge transfer between suppliers
D Mitigating supply chain security risk by providing user guidance - ✔✔✔ANSWER-A
Which due diligence activity for supply chain security investigates
the means by which data sets are shared and assessed?
A on-site assessment
B process policy review
C third-party assessment
D document exchange and review - ✔✔✔ANSWER-D
Consider these characteristics:
-Identification of the entity making the access request
-Verification that the request has not changed since its initiation
-Application of the appropriate authorization procedures
-Reexamination of previously authorized requests by the same
entity
Which security design analysis is being described?
A Open design
B Complete mediation
C Economy of mechanism
D Least common mechanism - ✔✔✔ANSWER-B
Which software security principle guards against the improper
modification or destruction of information and ensures the
nonrepudiation and authenticity of information?
A Quality
B Integrity
C Availability
D Confidentiality - ✔✔✔ANSWER-B
What type of functional security requirement involves receiving,
processing, storing, transmitting, and delivering in report form?
A Logging
B Error handling
C Primary dataflow
D Access control flow - ✔✔✔ANSWER-C
Which nonfunctional security requirement provides a way to
capture information correctly and a way to store that information to
help support later audits?
A Logging
B Error handling
C Primary dataflow
D Access control flow - ✔✔✔ANSWER-A
Which security concept refers to the quality of information that
could cause harm or damage if disclosed?
A Isolation
B Discretion
C Seclusion
D Sensitivity - ✔✔✔ANSWER-D
Which technology would be an example of an injection flaw,
according to the OWASP Top 10?
A SQL
B API
C XML
D XSS - ✔✔✔ANSWER-A