Course | 2025 New & Updated Exam Questions
with Verified Correct Answers | Comprehensive
2023–2025 Study Guide for Guaranteed Exam
Success
Which due diligence activity for supply chain security should occur in the initiation phase
of the software acquisition life cycle?
A Developing a request for proposal (RFP) that includes supply chain security risk
management
B Lessening the risk of disseminating information during disposal
C Facilitating knowledge transfer between suppliers
D Mitigating supply chain security risk by providing user guidance -
✔✔✔ANSWER-A
Which due diligence activity for supply chain security investigates the means by which
data sets are shared and assessed?
A on-site assessment
B process policy review
C third-party assessment
D document exchange and review - ✔✔✔ANSWER-D
Consider these characteristics:
-Identification of the entity making the access request
-Verification that the request has not changed since its initiation
-Application of the appropriate authorization procedures
-Reexamination of previously authorized requests by the same entity
Which security design analysis is being described?
A Open design
B Complete mediation
C Economy of mechanism
D Least common mechanism - ✔✔✔ANSWER-B
Which software security principle guards against the improper modification or
destruction of information and ensures the nonrepudiation and authenticity of
information?
A Quality
B Integrity
C Availability
D Confidentiality - ✔✔✔ANSWER-B
What type of functional security requirement involves receiving, processing, storing,
transmitting, and delivering in report form?
A Logging
B Error handling
C Primary data flow
D Access control flow - ✔✔✔ANSWER-C
Which nonfunctional security requirement provides a way to capture information
correctly and a way to store that information to help support later audits?
A Logging
B Error handling
C Primary data flow
D Access control flow - ✔✔✔ANSWER-A
Which security concept refers to the quality of information that could cause harm or
damage if disclosed?
A Isolation
B Discretion
C Seclusion
D Sensitivity - ✔✔✔ANSWER-D
Which technology would be an example of an injection flaw, according to the OWASP Top
10?
A SQL
B API
C XML
D XSS - ✔✔✔ANSWER-A