Free and Premium WGU Secure-Software-Design Dumps Questions Answers

The core issue here is cleartext transmission of sensitive data, and option C directly addresses this:

Addressing the Problem: The scenario reveals the vulnerability is the lack of encryption during data transmission (the GET response). Ensuring encryption in transit fixes this specific exploit.

Transport Layer Security: Encryption during transit is typically achieved through protocols like TLS (HTTPS), preventing the interception of sensitive information.

The Intelligence domain in the Building Security in Maturity Model (BSIMM) focuses on gathering and using information about software security. This includes understanding the types of attacks that are possible against the software being developed, which is why reviewing attack models falls under this domain. The BSIMM domain of Intelligence involves creating models of potential attacks on software (attack models), analyzing actual attacks that have occurred (attack intelligence), and sharing this information to improve security measures. By reviewing attack models, the software security group is essentially assessing the organization’s ability to anticipate and understand potential security threats, which is a key aspect of the Intelligence domain.

References: The references used to verify this answer include the official BSIMM documentation and related resources that describe the various domains and their activities within the BSIMM framework12345.

Modifying the source code is typically associated with the patch management step in the change management process. Patch management involves the acquisition, testing, and installation of code changes, which can include updates, bug fixes, or improvements to existing software. This step ensures that modifications to the software are made in a controlled and systematic manner, maintaining the integrity and security of the software throughout the change.

References: The information provided aligns with industry-standard practices for change management in software engineering1.

Security testing reports are the deliverables that typically contain detailed results of the security evaluations performed. These reports include the types of tests conducted, such as static and dynamic analysis, penetration testing, and code reviews, as well as the number and types of vulnerabilities discovered. The purpose of these reports is to document the security posture of the software at the time of testing and to provide a basis for remediation efforts.

References: The information aligns with best practices in secure software development, which emphasize the importance of documenting security requirements and conducting risk analysis during the design phase to identify and mitigate vulnerabilities early in the SDLC12.

After completing vulnerability scans and penetration analysis, security testers document the results to share with stakeholders, such as the organization’s largest customers. The deliverable being prepared in this context is the Security testing reports. These reports typically include detailed findings from the security assessments, explanations of the vulnerabilities discovered, the potential risks they pose, and recommendations for remediation. The purpose of these reports is to provide transparency about the security posture of the software or system and to guide the organization in addressing the identified security issues12. References: 1, 2

Comprehensive and Detailed In-Depth Explanation:

The scenario describes a stage where the developed features are deployed to a pre-production environment for verification by analysts. This aligns with the Testing phase of the Software Development Life Cycle (SDLC).

In the Testing phase, the system undergoes various evaluations to ensure it meets the specified requirements and functions correctly. This includes deploying the software in an environment that simulates production to identify and rectify defects before the actual deployment. The primary goal is to validate the software's quality and performance.

According to the SDLC framework, after the development (coding) phase, the next step is Testing, where the system is rigorously evaluated. This phase is crucial to detect issues that may not have been apparent during development and to ensure that the software operates as intended in a controlled setting before live deployment.

References:

Software Development Life Cycle Documentation

ASF Authentication Threats: The Web Application Security Frame (ASF) authentication category encompasses threats related to how users and systems prove their identity to the application. This includes issues like weak passwords, compromised credentials, and inadequate access controls.

Role-Based Access Control (RBAC): RBAC is a well-established security principle that aligns closely with addressing authentication threats. It involves assigning users to roles and granting those roles specific permissions based on the principle of least privilege. This limits the attack surface and reduces the impact of a compromised user account.

Let's analyze the other options:

B. Credentials and tokens are encrypted: While vital for security, encryption primarily protects data at rest or in transit. It doesn't directly address authentication risks like brute-force attacks or weak password management.

C. Cookies have expiration timestamps: Expiring cookies are a good practice, but their primary benefit is session management rather than directly mitigating authentication-specific threats.

D. Sensitive information is scrubbed from error messages: While essential for preventing information leakage, this practice doesn't address the core threats within the ASF authentication category.

References:

NIST Special Publication 800-53 Revision 4, Access Control (AC) Family: ( ) Details the importance of RBAC as a cornerstone of access control.

The Web Application Security Frame (ASF): ( ) Outlines the ASF categories, with authentication being one of the primary areas.

The Common Vulnerability Scoring System (CVSS) uses the following ranges to determine the severity rating of a vulnerability:

0.1 - 3.9: Low severity

4.0 - 6.9: Medium severity

7.0 - 8.9: High severity

9.0 - 10.0: Critical severity

Since the adjusted score for the vulnerability is 5.9, it falls within the High severity range.

References:

CVSS v3.1 Specification Document - FIRST: 

National Vulnerability Database (NVD) - NIST: 

The secure coding best practice that emphasizes treating all incoming data as untrusted and subjecting it to validation is known as input validation. This practice is crucial for ensuring that a system only processes valid, clean data, thereby preventing many types of vulnerabilities, such as SQL injection, cross-site scripting (XSS), and buffer overflows, which can arise from maliciously crafted inputs.

Input validation involves verifying that the data meets certain criteria before it is processed by the system. This includes checking for the correct data type, length, format, and range. It also involves sanitizing the data to ensure that it does not contain any potentially harmful elements that could lead to security breaches.

A centralized input validation routine is recommended for the entire application, which helps in maintaining consistency and effectiveness in the validation process. This routine should be implemented on a trusted system, typically server-side, to prevent tampering or bypassing of the validation logic.

It’s important to classify all data sources into trusted and untrusted categories and to apply rigorous validation to all data from untrusted sources, such as user input, databases, file streams, and network interfaces.

By adhering to the input validation best practice, developers can significantly reduce the attack surface of their applications and protect against a wide array of common security threats.

References: The verified answer is supported by the Secure Coding Practices outlined by the OWASP Foundation1 and other reputable sources such as Coding Dojo2 and CERT Secure Coding3.

Comprehensive and Detailed In-Depth Explanation:

The Open Web Application Security Project (OWASP) Software Assurance Maturity Model (SAMM) is a framework designed to help organizations assess and improve their software security posture. SAMM is structured around five primary business functions: Governance, Design, Implementation, Verification, and Operations.

In this scenario, the focus is on reviewing design artifacts to ensure compliance with organizational security standards. This activity aligns with the Verification business function within SAMM. The Verification function encompasses security practices related to assessing and validating the security of software artifacts throughout the development lifecycle. Key practices under this function include:

Design Review: Evaluating design documents and models to identify potential security issues and ensure that security requirements are adequately addressed.

Code Review: Analyzing source code to detect security vulnerabilities and ensure adherence to secure coding standards.

Security Testing: Conducting various testing methodologies, such as penetration testing and vulnerability scanning, to identify and remediate security weaknesses in the software.

By focusing on the Verification function, the organization aims to proactively identify and address security concerns during the design and development phases, thereby enhancing the overall security posture of their software products.

References:

OWASP SAMM - Verification

The privacy impact rating for an application that stores personally identifiable information (PII), monitors users with ongoing transfers of anonymous data, and changes settings without notifying the user would be P1 high privacy risk. Storing PII already poses a significant risk due to the potential for data breaches and misuse. Monitoring users and transferring data, even if anonymous, increases the risk as it involves ongoing data collection. Changing settings without user notification is a serious privacy concern because it can lead to unauthorized data processing or sharing, further elevating the risk level.

References:

Practical Data Security and Privacy for GDPR and CCPA - ISACA1.

Privacy risk assessment and privacy-preserving data monitoring2.

How To Effectively Monitor Your Privacy Program: A New Series3.

A threat profile is a security assessment deliverable that identifies possible security vulnerabilities in a product. It involves a systematic examination of the product to uncover any weaknesses that could potentially be exploited by threats. The process typically includes identifying the assets that need protection, assessing the threats to those assets, and evaluating the vulnerabilities that could be exploited by those threats. This deliverable is crucial for understanding the security posture of a product and for prioritizing remediation efforts.

References: The importance of a threat profile in identifying security vulnerabilities is supported by various security resources. For instance, Future Processing’s blog on vulnerability assessments outlines the steps involved in identifying security vulnerabilities, which align with the creation of a threat profile1. Additionally, UpGuard’s article on conducting vulnerability assessments further emphasizes the role of identifying vulnerabilities as part of the security assessment process2.

The phase being described is the Design phase of the SDLC. During this phase, developers and IT staff determine the architectural and operational details of the product, which includes decisions on how to deliver various components such as secure REST services, mobile apps, and web applications. The Design phase is crucial for setting the foundation for the development work that will follow, ensuring that the product will be secure, scalable, and maintainable.

References: The information aligns with the descriptions of the SDLC phases provided in resources such as GitHub’s explanation of the SDLC1 and other industry-standard software development lifecycle resources234.

The phase being described is the Planning phase of the SDLC. This initial stage involves gathering business requirements and evaluating the feasibility of the project. It’s when the company leadership would typically meet with IT and other stakeholders to share visions for the future, discuss potential revenue streams, and determine the project’s direction before moving forward with development. This phase is crucial for setting the groundwork for all subsequent phases of the SDLC.

References:

The Software Development Life Cycle (SDLC): 7 Phases and 5 Models1.

What Is the Software Development Life Cycle? SDLC Explained2.

Software Development Life Cycle (SDLC) Phases & Models3.

To combat identity spoofing threats, a mitigation technique that is often used is requiring user authorization. This involves implementing strong authentication methods to verify the identity of users before granting access to sensitive information or systems. Techniques such as two-factor authentication (2FA) or multi-factor authentication (MFA) are effective in reducing the risk of unauthorized access, as they require users to provide multiple pieces of evidence to confirm their identity, making it much harder for attackers to spoof an identity successfully.

References:

Best practices for preventing spoofing attacks, including the use of antivirus and firewall tools, and the importance of strong authentication methods like 2FA and MFA1.

The National Security Agency’s guidance on identity theft threats and mitigations, emphasizing the need for personal protection and strong authentication measures2.

Discussion on the effectiveness of strong authentication methods in protecting against spoofing attacks3.

The role of comprehensive identity verification and authentication strategies in preventing AI-enhanced identity fraud4.

White box testing, also known as clear box testing, glass box testing, transparent box testing, and structural testing, is a method of software testing where the internal structure, design, and coding of the software are tested to verify the flow of input-output and to improve the design, usability, and security. It involves looking at the structures that are internal to the system, with the tester having knowledge of the internal workings of the product. This type of testing is concerned with examining the internal logical structures of the program and is typically performed by stepping through the code line by line to analyze the program for potential errors, which aligns with the description of the control test in question.

References:

Control Structure Testing - GeeksforGeeks1

What is White Box Testing? - BrowserStack2

Software Testing Strategies Chapter 18 - IIT3

The task described involves assessing a document management application that has been in use for many years. This scenario typically requires a security strategy that addresses the unique challenges of legacy code. Legacy code refers to software that has been around for a long time and may not have been developed with current security standards in mind. A security strategy for legacy code would include measures to ensure that the application complies with current organizational policies, which may involve code reviews, updates, and the implementation of modern security practices to mitigate any potential vulnerabilities inherent in older code12.

References:

Remotebase, “Best Practices for Managing Legacy Code”

Medium, “The Engineer’s Complete Guide to Legacy Code”

Parasoft, “Testing Legacy Code & 3 Steps to Update”

The term ‘availability’ in the context of Secure Software Development Lifecycle (SDL) refers to ensuring that systems, applications, and data are accessible to authorized users when needed. This means that the information must be timely and reliable, without undue delays or interruptions. Availability is a critical aspect of security, as it ensures that the software functions correctly and efficiently, providing users with the information they need to perform their tasks.

References:

The definition of availability as per the National Institute of Standards and Technology (NIST) Glossary1.

The Microsoft Security Development Lifecycle (SDL) which emphasizes the importance of availability in secure software design2.

General principles of Secure Software Development Life Cycle (SSDLC) that include availability as a key security goal3.

The step in threat modeling that involves collecting exploitable weaknesses within the product is Identify and document threats. This step is crucial as it directly addresses the identification of potential security issues that could be exploited. It involves a detailed examination of the system to uncover vulnerabilities that could be targeted by threats.

References: The OWASP Foundation’s Threat Modeling Process outlines a structured approach where identifying and documenting threats is a key step1. Additionally, various sources on threat modeling agree that the identification of threats is a fundamental aspect of the process, as it allows for the subsequent analysis and mitigation of these threats2345.

Fuzzing is an automated or semi-automated software testing technique that involves providing invalid, unexpected, or random data to the inputs of a computer program1. This process is designed to uncover coding errors, security vulnerabilities, and other potential issues within the software by observing how it behaves under unexpected or malformed inputs. Fuzzing is particularly effective because it can expose corner cases that have not been properly dealt with and can be used to test programs that take structured inputs, such as file formats or protocols2.

References: 1: Wikipedia - Fuzzing 2: DZone - Fuzzing in Software Engineering