Secure-Software-Design WGU Secure Software Design (D487) Exam Questions and Answers

The OpenSAMM business function being assessed is Verification. This function involves activities related to reviewing and testing to ensure that the software meets the required security standards and practices. In the context of the question, the software security group’s focus on reviewing design artifacts to ensure compliance with organizational security standards falls under the Verification function. This includes tasks such as design review, implementation review, and security testing, which are all aimed at verifying that the security measures and controls are correctly integrated into the software design.

References: The information is verified as per the OWASP SAMM documentation, which outlines the Verification function as a core business function that encompasses activities like design review, which is directly related to the assessment of design artifacts mentioned in the question1.

Option D best addresses security change management, here's why:

Focus on Change: The question directly asks about a modification to how remote administration is secured. This aligns with the core goal of security change management, which is to evaluate and control the security implications of changes to systems.

Security-Specific: The question is explicitly concerned with security, not general functionality or requirements.

Practical Aspect: Remote administration access is a frequent target for attackers, making it a common area for security change management scrutiny.

The OpenSAMM business function being assessed is Verification. This function involves activities related to reviewing and testing to ensure that the software meets the required security standards and practices. In the context of the question, the software security group’s focus on reviewing design artifacts to ensure compliance with organizational security standards falls under the Verification function. This includes tasks such as design review, implementation review, and security testing, which are all aimed at verifying that the security measures and controls are correctly integrated into the software design.

References: The information is verified as per the OWASP SAMM documentation, which outlines the Verification function as a core business function that encompasses activities like design review, which is directly related to the assessment of design artifacts mentioned in the question1.

Fuzzing is an automated or semi-automated software testing technique that involves providing invalid, unexpected, or random data to the inputs of a computer program1. This process is designed to uncover coding errors, security vulnerabilities, and other potential issues within the software by observing how it behaves under unexpected or malformed inputs. Fuzzing is particularly effective because it can expose corner cases that have not been properly dealt with and can be used to test programs that take structured inputs, such as file formats or protocols2.

References: 1: Wikipedia - Fuzzing 2: DZone - Fuzzing in Software Engineering

Fuzz testing is the ideal technique in this scenario. Here's why:

Focus on Integrations: The scenario emphasizes testing links between the software, databases, web servers, and web services. Fuzz testing is specifically designed to find vulnerabilities in how software handles data and communication between components.

Pre-release Testing: The product being close to release indicates a critical need to identify security flaws before public deployment. Fuzz testing is effective in uncovering unexpected behavior and potential vulnerabilities.

Fuzz Testing Targets: Fuzz testing works by injecting invalid or unexpected data into interfaces (like those between databases, web components, etc.) to observe how the software reacts. This helps expose potential security gaps and weaknesses.

The activity being performed is the final privacy review. This step is crucial in the Ship phase of the Security Development Lifecycle (SDL), where the security team assesses if there are any changes or unresolved issues that could impact the requirements for handling personal information. These requirements are typically documented in the earlier stages of the development lifecycle, and the final privacy review ensures that the software complies with these requirements before release.

References: The explanation is based on the best practices outlined in the SDL Activities and Best Practices, which detail the importance of conducting a final privacy review during the Ship phase to ensure that all privacy issues have been addressed12.

White box testing, also known as clear box testing, glass box testing, transparent box testing, and structural testing, is a method of software testing where the internal structure, design, and coding of the software are tested to verify the flow of input-output and to improve the design, usability, and security. It involves looking at the structures that are internal to the system, with the tester having knowledge of the internal workings of the product. This type of testing is concerned with examining the internal logical structures of the program and is typically performed by stepping through the code line by line to analyze the program for potential errors, which aligns with the description of the control test in question.

References:

Control Structure Testing - GeeksforGeeks1

What is White Box Testing? - BrowserStack2

Software Testing Strategies Chapter 18 - IIT3

Data integrity requirements within a privacy impact statement ensure that personal information is maintained in an accurate and up-to-date manner. This involves establishing processes to regularly review and update personal data, as well as correct any inaccuracies. These requirements are crucial for maintaining the trustworthiness of the data and ensuring that decisions made based on this information are sound and reliable.

References:

The Office of the Privacy Commissioner of Canada’s guide on the Privacy Impact Assessment process emphasizes the importance of accuracy and currency of personal information1.

The European Union’s General Data Protection Regulation (GDPR) outlines principles for data processing, including the necessity for data to be accurate and kept up to date2.

The General Data Protection Regulation (GDPR) also includes provisions for data protection impact assessments, which involve documenting processes before starting data processing3.

The phase being described is the Deployment phase of the SDLC. This phase involves making the software available for use by customers after it has been developed, tested, and approved for release. It includes the installation of the software in the production environment, ensuring that all features are operational as intended, and obtaining formal approval from leadership to proceed with making the product available to end-users. The deployment phase is critical as it transitions the software from a development setting to a real-world operational environment.

References:

SDLC Deployment Phase – A Step by Step Guide1

Understanding the SDLC: Software Development Lifecycle Explained2

Comprehensive and Detailed In-Depth Explanation:

The scenario described indicates that the system was subjected to inputs containing random data and some structured query language (SQL) statements, leading to an exponential increase in test data. This behavior is characteristic of fuzzing, a testing technique used to identify vulnerabilities by inputting a wide range of random or unexpected data into the system.

Fuzzing aims to discover coding errors and security loopholes by bombarding the application with malformed or unexpected inputs, observing how the system responds. The presence of random characters and SQL statements suggests that the fuzzing tool was testing for vulnerabilities such as SQL injection by injecting various payloads into the system.

This approach is part of the Verification business function in the OWASP SAMM, specifically within the Security Testing practice. Security testing involves evaluating the software to identify vulnerabilities that could be exploited, and fuzzing is a common technique employed in this practice to ensure the robustness and security of the application.

References:

OWASP SAMM: Verification - Security Testing

The security assessment deliverable that identifies unmanaged code that must be kept up to date throughout the life of the product is the List of third-party software. Unmanaged code refers to code that does not run under the garbage-collected environment of the .NET Common Language Runtime, and it often includes legacy code, system libraries, or code written in languages that do not support automatic memory management. Keeping a list of third-party software is crucial because it helps organizations track dependencies and ensure they are updated, patched, and compliant with security standards. This is essential for maintaining the security posture of the software over time, as outdated components can introduce vulnerabilities.

References: The references provided from the web search results support the importance of monitoring and updating software components, including unmanaged code, as part of a secure software development lifecycle12.

The secure coding best practice that recommends using a single application-level authorization component to lock down the application if it cannot access its configuration information is known as Access Control. This practice is part of a broader set of security measures aimed at ensuring that only authorized users have access to certain functionalities or data within an application. By centralizing the authorization logic, it becomes easier to manage and enforce security policies consistently across the application. If the authorization component cannot retrieve its configuration, it defaults to a secure state, thus preventing unauthorized access1.

References: 1: OWASP Secure Coding Practices - Quick Reference Guide

The privacy impact rating for an application that stores personally identifiable information (PII), monitors users with ongoing transfers of anonymous data, and changes settings without notifying the user would be P1 high privacy risk. Storing PII already poses a significant risk due to the potential for data breaches and misuse. Monitoring users and transferring data, even if anonymous, increases the risk as it involves ongoing data collection. Changing settings without user notification is a serious privacy concern because it can lead to unauthorized data processing or sharing, further elevating the risk level.

References:

Practical Data Security and Privacy for GDPR and CCPA - ISACA1.

Privacy risk assessment and privacy-preserving data monitoring2.

How To Effectively Monitor Your Privacy Program: A New Series3.

The practice described is Code review, which is a part of secure software development best practices. Code reviews are conducted to ensure that the code adheres to accepted coding patterns and meets the team’s quality standards. This process involves the examination of source code by a person or a group other than the author to identify bugs, security vulnerabilities, and ensure compliance with coding standards.

References:

Fundamental Practices for Secure Software Development - SAFECode1.

Secure Software Development Framework | CSRC2.

Secure Software Development Best Practices - Hyperproof3.

The issue described involves a session management vulnerability where the user’s session remains active even after the browser window is closed, allowing another user on the same machine to access the application without logging in. To prevent this security risk, it’s essential to adjust the session management controls to include an automatic timeout feature. This means that after a period of inactivity, or when the browser window is closed, the session should automatically expire, requiring a new login to access the application. This adjustment ensures that even if a user forgets to log out, their session won’t remain active indefinitely, reducing the risk of unauthorized access.

References:

Secure SDLC practices emphasize the importance of security at every stage of the software development life cycle, including the implementation of proper session management controls12.

Best practices for access control in security highlight the significance of managing session timeouts to prevent unauthorized access3.

Industry standards and guidelines often recommend session timeouts as a critical security control to protect against unauthorized access4.

Validating user input data before it is processed by the application is a fundamental security control in software design. This process, known as input validation, ensures that only properly formed data is entering the workflow of the application, thereby preventing many types of attacks, including type mismatches as mentioned in the question. By validating input data, the application can reject any requests that contain unexpected or malicious data, reducing the risk of security vulnerabilities and ensuring the integrity of the system.

References:

Secure SDLC practices emphasize the importance of integrating security activities, such as creating security and functional requirements, code reviews, security testing, architectural analysis, and risk assessment, into the existing development workflow1.

A Secure Software Development Life Cycle (SSDLC) ensures that security is considered at every phase of the development process, from planning and design to coding, testing, deploying, and maintaining the software2.

Security testing reports are the deliverables that typically contain detailed results of the security evaluations performed. These reports include the types of tests conducted, such as static and dynamic analysis, penetration testing, and code reviews, as well as the number and types of vulnerabilities discovered. The purpose of these reports is to document the security posture of the software at the time of testing and to provide a basis for remediation efforts.

References: The information aligns with best practices in secure software development, which emphasize the importance of documenting security requirements and conducting risk analysis during the design phase to identify and mitigate vulnerabilities early in the SDLC12.

The Intelligence domain in the Building Security in Maturity Model (BSIMM) focuses on gathering and using information about software security. This includes understanding the types of attacks that are possible against the software being developed, which is why reviewing attack models falls under this domain. The BSIMM domain of Intelligence involves creating models of potential attacks on software (attack models), analyzing actual attacks that have occurred (attack intelligence), and sharing this information to improve security measures. By reviewing attack models, the software security group is essentially assessing the organization’s ability to anticipate and understand potential security threats, which is a key aspect of the Intelligence domain.

References: The references used to verify this answer include the official BSIMM documentation and related resources that describe the various domains and their activities within the BSIMM framework12345.

The phase being described is the Implementation phase of the SDLC. During this phase, the actual development starts, and the product begins to be built. The teams are actively writing code, which is a key activity of the Implementation phase. This phase involves translating the design and specifications into executable code, developing the software’s features, and then integrating the various components into a full-fledged system.

References:

The Software Development Life Cycle (SDLC): 7 Phases and 5 Models1.

What Is the Software Development Life Cycle? SDLC Explained2.

SDLC: 6 Main Stages of the Software Product Development Lifecycle3.

Software Development Life Cycle (SDLC) Phases & Models4.