최신 Secure-Software-Design 무료덤프 - WGUSecure Software Design (KEO1)
Senior IT staff has determined that a new product will be hosted in the cloud and will support web and mobile users. Developers will need to deliver secure REST services. Android and IOS mobile apps. and a web application. Developers are currently determining how to deliver each part of the overall product.
Which phase of the software development lifecycle (SDLC) is being described?
Which phase of the software development lifecycle (SDLC) is being described?
정답: D
설명: (DumpTOP 회원만 볼 수 있음)
Using a web-based common vulnerability scoring system (CVSS) calculator, a security response team member performed an assessment on a reported vulnerability in the company's claims intake component. The base score of the vulnerability was 3.5 and changed to 5.9 after adjusting temporal and environmental metrics.
Which rating would CVSS assign this vulnerability?
Which rating would CVSS assign this vulnerability?
정답: A
설명: (DumpTOP 회원만 볼 수 있음)
A legacy application has been replaced by a new product that provides mobile capabilities to the company's customer base. The two products have run concurrently for the last three months to provide a fallback if the new product experienced a large-scale failure. The time has come to turn off access to the legacy application.
Which phase of the Software Development Life Cycle (SDLC) is being described?
Which phase of the Software Development Life Cycle (SDLC) is being described?
정답: B
설명: (DumpTOP 회원만 볼 수 있음)
Which type of security analysis is performed by injecting malformed data into open interfaces of an executable or running application and is most commonly executed during the testing or deployment phases of the SDLC?
정답: C
Which security assessment deliverable identifies possible security vulnerabilities in the product?
정답: B
설명: (DumpTOP 회원만 볼 수 있음)
The organization is moving from a waterfall to an agile software development methodology, so the software security group must adapt the security development life cycle as well. They have decided to break out security requirements and deliverables to fit better in the iterative life cycle by defining every-sprint requirements, one- time requirements, bucket requirements, and final security review requirements.
Which type of requirement slates that the team must identify primary security and privacy contacts?
Which type of requirement slates that the team must identify primary security and privacy contacts?
정답: B
설명: (DumpTOP 회원만 볼 수 있음)
A company is moving forward with a new product. Product scope has been determined, teams have formed, and backlogs have been created. Developers are actively writing code for the new product, with one team concentrating on delivering data via REST services, one Team working on the mobile apps, and a third team writing the web application.
Which phase of the software development lifecycle (SDLC) is being described?
Which phase of the software development lifecycle (SDLC) is being described?
정답: A
설명: (DumpTOP 회원만 볼 수 있음)
Which type of manual code review technique is being used when the reviewer starts at an input control and traces its value through the application to each of the value's outputs?
정답: D
설명: (DumpTOP 회원만 볼 수 있음)