WGU-C706 Secure Software Design (Pre-
Assessment) Exam Newest 2026 Questions and
Correct Detailed Answers Already Graded A+
Which well-accepted secure development standard is addressed by these
activities? - CORRECT ANSWER-PIA
An organization is in the process of building an application for its banking
software.
Which security coding practice must the organization follow? - CORRECT
ANSWER-Conduct data validation
What is included in a typical job description of a software security champion
(SSC)? - CORRECT ANSWER-Consider all possible paths of attack or exploits
Which role is a training champion of software security, an advocate for the overall
SDL process, and a proponent for promulgating and enforcing the overall
software product security program? - CORRECT ANSWER-Software
security evangelist (SSE)
,Which role requires the technical capability to be trained as a software security
architect who then assists the centralized software security group with
architecture security analysis and threat modeling? - CORRECT ANSWER-
Software champion
An application development team is designing and building an application that
interfaces with a back-end database.
Which activity should be included when constructing a threat model for the
application? - CORRECT ANSWER-Decompose the application to
understand how it interacts with external entities
What is the third step for constructing a threat model for identifying a spoofing
threat? - CORRECT ANSWER-Decompose threats
What is a step for constructing a threat model for a project when using practical
risk analysis? - CORRECT ANSWER-Make a list of what you are trying to
protect
, Which cyber threats are typically surgical by nature, have highly specific targeting,
and are technologically sophisticated? - CORRECT ANSWER-Tactical
attacks
Which type of cyberattacks are often intended to elevate awareness of a topic? -
CORRECT ANSWER-Sociopolitical attacks
What type of attack locks a user's desktop and then requires a payment to unlock
it? - CORRECT ANSWER-Ransomware
What is a countermeasure against various forms of XML and XML path injection
attacks? - CORRECT ANSWER-XML attribute escaping
Which countermeasure is used to mitigate SQL injection attacks? - CORRECT
ANSWER-Query parameterization
What is an appropriate countermeasure to an escalation of privilege attack? -
CORRECT ANSWER-Restricting access to specific operations through role-
based access controls
Assessment) Exam Newest 2026 Questions and
Correct Detailed Answers Already Graded A+
Which well-accepted secure development standard is addressed by these
activities? - CORRECT ANSWER-PIA
An organization is in the process of building an application for its banking
software.
Which security coding practice must the organization follow? - CORRECT
ANSWER-Conduct data validation
What is included in a typical job description of a software security champion
(SSC)? - CORRECT ANSWER-Consider all possible paths of attack or exploits
Which role is a training champion of software security, an advocate for the overall
SDL process, and a proponent for promulgating and enforcing the overall
software product security program? - CORRECT ANSWER-Software
security evangelist (SSE)
,Which role requires the technical capability to be trained as a software security
architect who then assists the centralized software security group with
architecture security analysis and threat modeling? - CORRECT ANSWER-
Software champion
An application development team is designing and building an application that
interfaces with a back-end database.
Which activity should be included when constructing a threat model for the
application? - CORRECT ANSWER-Decompose the application to
understand how it interacts with external entities
What is the third step for constructing a threat model for identifying a spoofing
threat? - CORRECT ANSWER-Decompose threats
What is a step for constructing a threat model for a project when using practical
risk analysis? - CORRECT ANSWER-Make a list of what you are trying to
protect
, Which cyber threats are typically surgical by nature, have highly specific targeting,
and are technologically sophisticated? - CORRECT ANSWER-Tactical
attacks
Which type of cyberattacks are often intended to elevate awareness of a topic? -
CORRECT ANSWER-Sociopolitical attacks
What type of attack locks a user's desktop and then requires a payment to unlock
it? - CORRECT ANSWER-Ransomware
What is a countermeasure against various forms of XML and XML path injection
attacks? - CORRECT ANSWER-XML attribute escaping
Which countermeasure is used to mitigate SQL injection attacks? - CORRECT
ANSWER-Query parameterization
What is an appropriate countermeasure to an escalation of privilege attack? -
CORRECT ANSWER-Restricting access to specific operations through role-
based access controls
