Free WGU Secure-Software-Design Exam Questions

The security team is reviewing all noncommercial software libraries used in the new product to ensure they are being used according to the legal specifications defined by the authors. What activity of the Ship SDL phase is being performed? 

Which software-testing technique can be automated or semi-automated and provides invalid, unexpected, or random data to the inputs of a computer software program?

Using a web-based common vulnerability scoring system (CVSS) calculator, a security response teammember performed an assessment on a reported vulnerability in the company's claims intake component. Thebase score of the vulnerability was 3.5 and changed to 5.9 after adjusting temporal and environmental metrics.Which rating would CVSS assign this vulnerability?

While performing functional testing of the ordering feature in the new product, a tester noticed that the orderobject was transmitted to the POST endpoint of the API as a human-readable JSON object.How should existing security controls be adjusted to prevent this in the future?

Company leadership has discovered an untapped revenue stream within its customer base and wants to meetwith IT to share its vision for the future and determine whether to move forward.Which phase of the software development lifecycle (SDLC) is being described?