WGU Master's Course C706 - Secure Software Design
Exam 2026/2027: exam questions and answers
Which technology would be an example of an injection
flaw, according to the OWASP Top 10?
A SQL
B API
C XML
D XSS - Answer-A
A company is creating new software to track customer
balances and wants to design a secure application.
Which best practice should be applied?
A Develop a secure authentication method that has a
closed design
B Allow mediation bypass or suspension for software
testing and emergency planning
C Ensure there is physical acceptability to ensure software
is intuitive for the users to do their jobs
D Create multiple layers of protection so that a
subsequent layer provides protection if a layer is breached
- Answer-D
A company is developing secure software that has to be
evaluated and tested by a large number of experts.
Which security principle should be applied?
A Fail safe
B Open design
C Defense in depth
D Complete mediation - Answer-B
Which type of TCP scanning indicates that a system is
moving to the second phase in a three-way TCP
handshake?
A TCP SYN scanning
B TCP ACK scanning
C TCP XMAS scanning
D TCP Connect scanning - Answer-A
Which evaluation technique provides invalid, unexpected,
or random data to the inputs of a computer software
program?
A Fuzz testing
B Static analysis
C Dynamic analysis
D Regression testing - Answer-A
Which approach provides an opportunity to improve the
software development life cycle by tailoring the process to
the specific risks facing the organization?
A Agile methodology
B Waterfall methodology
C Building security in maturity model (BSIMM)
D Software assurance maturity model (SAMM) - Answer-D
Which phase contains sophisticated software development
processes that ensure that feedback from one phase
reaches the previous phase to improve future results?
A Initial
B Managed
C Optimizing
D Repeatable - Answer-C
The activities for compliance include ensuring collected
information is only used for intended purposes, information
is timely and accurate, and the public is aware of the
information collected and how it is used.
Which well-accepted secure development standard is
addressed by these activities?
A PIA
B PA-DSS
C PCI-DSS