WGU C857 SOFTWARE QUALITY
ASSURANCE COMPREHENSIVE STUDY
GUIDE 2026 FULL QUESTIONS AND
SOLUTIONS GRADED A+
◍ Which configuration management security countermeasure implements least
privilege access control?.
Answer: Restricting file access to users based on authorization
◍ Which software testing approach can be used against an attacker who
manipulates input strings in banking software to gain access to another
individual's overdrawn account in order to withdraw funds?.
Answer: Misuse case testing
◍ A company is creating a new software to track customer balance and wants
to design a secure application. Which best practice should be applied?.
Answer: Create multiple layers of protection so that a subsequent layer
provides protection if a layer is breached
◍ What is the purpose of preparing SQA for a project?.
Answer: To develop and review project planning with stakeholders and
ensure compliance with standards.
◍ Which type of password attack tests for every possible value of a
parameter?.
Answer: Brute force
◍ Which type of attack allows the complete disclosure or destruction of all
data on a system and allows attackers to spoof identity, tamper with existing
data, and cause repudiation issues such as voiding transactions or changing
balances?.
, Answer: SQL injection
◍ Which phase of the software development life cycle (SDL/SDLC) would be
used to determine the minimum set of privileges required to perform the
targeted task and restrict the user to a domain with those privileges?.
Answer: Design
◍ What is the role of education in SQA?.
Answer: To ensure that all team members are knowledgeable about quality
standards and practices.
◍ Which type of attack involves exploiting a social engineering vulnerability
over voice communications?.
Answer: Vishing
◍ The activities for compliance include ensuring collected information is only
used for intended purposes, information is timely and accurate, and the
public is aware of the information collected and how it is used. Which
well-accepted secure development standard is addressed by these activities?.
Answer: PIA
◍ A project manager is given the task to come up with nonfunctional
acceptance criteria requirements for business owners as part of a project
delivery.Which nonfunctional requirement should be applied to the
acceptance criteria?.
Answer: Evaluate test execution results
◍ What is the significance of scheduling decisions in software quality?.
Answer: They ensure that dependencies are understood and that testing can
proceed in a logical order.
◍ Who is to blame for software quality issues?.
Answer: Both customers and developers share the blame; customers impose
unrealistic deadlines and changes, while developers may engage in sloppy
practices.
◍ A company is developing a secure software that has to be evaluated and
, tested by a large number of experts. Which security principle should be
applied?.
Answer: Open design
◍ What is the role of pair programming in reviews?.
Answer: It acts as a continuous desk check for immediate error discovery
and better work product quality.
◍ What is the goal of change management in SQA?.
Answer: To manage and document changes to the software effectively.
◍ Name one standard organization that produces software engineering
standards..
Answer: IEEE (Institute of Electrical and Electronics Engineers)
◍ What is 'fault tolerance' in software reliability?.
Answer: The capability of the software product to maintain a specified level
of performance despite faults.
◍ What is the impact of internal failure costs?.
Answer: Costs incurred to detect and correct errors in a product before
shipment.
◍ What are the consequences of delivering 'Good Enough' software?.
Answer: It may risk permanent damage to a company's reputation if quality
issues persist in future versions.
◍ What is the 'usability' characteristic of software?.
Answer: The capability of a software product to be understood, learned,
used, and attractive to the user.
◍ What is the focus of security management in SQA?.
Answer: To implement data privacy policies and firewall protection.
◍ Which part of the change management process addresses the needs to
identify, understand, and help leaders manage opposition throughout the
organization?.
Answer: Resistance management
ASSURANCE COMPREHENSIVE STUDY
GUIDE 2026 FULL QUESTIONS AND
SOLUTIONS GRADED A+
◍ Which configuration management security countermeasure implements least
privilege access control?.
Answer: Restricting file access to users based on authorization
◍ Which software testing approach can be used against an attacker who
manipulates input strings in banking software to gain access to another
individual's overdrawn account in order to withdraw funds?.
Answer: Misuse case testing
◍ A company is creating a new software to track customer balance and wants
to design a secure application. Which best practice should be applied?.
Answer: Create multiple layers of protection so that a subsequent layer
provides protection if a layer is breached
◍ What is the purpose of preparing SQA for a project?.
Answer: To develop and review project planning with stakeholders and
ensure compliance with standards.
◍ Which type of password attack tests for every possible value of a
parameter?.
Answer: Brute force
◍ Which type of attack allows the complete disclosure or destruction of all
data on a system and allows attackers to spoof identity, tamper with existing
data, and cause repudiation issues such as voiding transactions or changing
balances?.
, Answer: SQL injection
◍ Which phase of the software development life cycle (SDL/SDLC) would be
used to determine the minimum set of privileges required to perform the
targeted task and restrict the user to a domain with those privileges?.
Answer: Design
◍ What is the role of education in SQA?.
Answer: To ensure that all team members are knowledgeable about quality
standards and practices.
◍ Which type of attack involves exploiting a social engineering vulnerability
over voice communications?.
Answer: Vishing
◍ The activities for compliance include ensuring collected information is only
used for intended purposes, information is timely and accurate, and the
public is aware of the information collected and how it is used. Which
well-accepted secure development standard is addressed by these activities?.
Answer: PIA
◍ A project manager is given the task to come up with nonfunctional
acceptance criteria requirements for business owners as part of a project
delivery.Which nonfunctional requirement should be applied to the
acceptance criteria?.
Answer: Evaluate test execution results
◍ What is the significance of scheduling decisions in software quality?.
Answer: They ensure that dependencies are understood and that testing can
proceed in a logical order.
◍ Who is to blame for software quality issues?.
Answer: Both customers and developers share the blame; customers impose
unrealistic deadlines and changes, while developers may engage in sloppy
practices.
◍ A company is developing a secure software that has to be evaluated and
, tested by a large number of experts. Which security principle should be
applied?.
Answer: Open design
◍ What is the role of pair programming in reviews?.
Answer: It acts as a continuous desk check for immediate error discovery
and better work product quality.
◍ What is the goal of change management in SQA?.
Answer: To manage and document changes to the software effectively.
◍ Name one standard organization that produces software engineering
standards..
Answer: IEEE (Institute of Electrical and Electronics Engineers)
◍ What is 'fault tolerance' in software reliability?.
Answer: The capability of the software product to maintain a specified level
of performance despite faults.
◍ What is the impact of internal failure costs?.
Answer: Costs incurred to detect and correct errors in a product before
shipment.
◍ What are the consequences of delivering 'Good Enough' software?.
Answer: It may risk permanent damage to a company's reputation if quality
issues persist in future versions.
◍ What is the 'usability' characteristic of software?.
Answer: The capability of a software product to be understood, learned,
used, and attractive to the user.
◍ What is the focus of security management in SQA?.
Answer: To implement data privacy policies and firewall protection.
◍ Which part of the change management process addresses the needs to
identify, understand, and help leaders manage opposition throughout the
organization?.
Answer: Resistance management
