The product development team is preparing for the production deployment of recent feature enhancements.
One morning, they noticed the amount of test data grew exponentially overnight. Most fields were filled with random characters, but some structured query language was discovered.
Which type of security development lifecycle (SDL) tool was likely being used?
The product security incident response team (PSIRT) has decided to make a formal public disclosure, including base and temporal common vulnerability scoring system (CVSS) scores and a common vulnerabilities and exposures (CVE) ID report, of an externally discovered vulnerability.
What is the most likely reason for making a public disclosure?
Recent vulnerability scans discovered that the organization's production web servers were responding to ping requests with server type, version, and operating system, which hackers could leverage to plan attacks.
How should the organization remediate this vulnerability?
The final security review determined that two low-risk security issues identified in testing are still outstanding. Developers have assured the security team that both issues can be resolved quickly once they have time to fix them. The security team is confident that developers can fix the flaws in the first post-release patch.
What is the result of the final security review?
The software security group is conducting a maturity assessment using the Building Security in Maturity Model (BSIMM). They are currently focused on reviewing attack models created during recently completed initiatives.
Which BSIMM domain is being assessed?
Enter your email address to download WGU.Secure-Software-Design.v2025-08-21.q44 Dumps
