Written by students who passed Immediately available after payment Read online or as PDF Wrong document? Swap it for free 4.6 TrustPilot
logo-home
Exam (elaborations)

WGU D487 Secure Software Design OB Actual Exam Bundle Questions And Answers Latest Update Guaranteed Pass 2026

Rating
-
Sold
-
Pages
101
Grade
A+
Uploaded on
03-01-2026
Written in
2025/2026

WGU D487 Secure Software Design OB Actual Exam Bundle Questions And Answers Latest Update Guaranteed Pass

Institution
Nursing Course
Course
Nursing course

Content preview

,1. Which DREAD category is based on how easily a threat exploit can be repeated?

A. Repeatability
B. Reciprocity
C. Reconstruction
D. Reproducibility

✔ Correct Answer: B. Reciprocity

Rationale:
In DREAD, Reciprocity refers to how easily an attack can be repeated or reproduced by others.



2. The security team is reviewing whether new security requirements can be implemented before
releasing a new product. Which Ship SDL phase activity is this?

A. Policy compliance analysis
B. Policy compliance review
C. Every-sprint requirement
D. Final security review

✔ Correct Answer: B. Policy compliance review

Rationale:
Policy compliance review checks whether new or updated security requirements can be implemented
before the product ships.



3. What type of analysis involves executing software on a real or virtual processor in real time?

A. Coverage analysis
B. Static analysis
C. Dynamic analysis
D. Memory analysis

✔ Correct Answer: C. Dynamic analysis

Rationale:
Dynamic analysis runs the program during execution to observe its real-time behavior.

,4. After confirming a vulnerability and developing a fix scheduled for release, what is the next step for
the security response team?

A. Notify customers that the fix is available
B. Notify the reporter the case is closing
C. Identify resources and schedule the fix
D. Identify the team that owns the product

✔ Correct Answer: A. Notify customers that the fix is available

Rationale:
Once a patch is ready and scheduled, the team must inform customers so they know a fix will be
released.



5. What is a countermeasure for the Web Application Security Frame (ASF) configuration management
threat category?

A. Static analysis
B. Security requirement
C. Privacy requirement
D. Compliance requirement

✔ Correct Answer: B. Security requirement

Rationale:
A security requirement helps ensure proper configuration management and reduces related security
risks.



6. During sprint zero, a team member who writes feature logic and attends all sprint
ceremonies is being introduced. Which role does this person play?

A. Web developer
B. Software engineer
C. Software developer
D. Systems analyst

✔ Correct Answer: C. Software developer

Rationale:
A software developer writes the application logic and participates in sprint activities as part of the Scrum
team.

, 7. Which secure coding best practice uses well-tested, publicly available algorithms to protect data
from unauthorized access?

A. System configuration
B. Digital signatures
C. Cryptographic practices
D. Database security

✔ Correct Answer: C. Cryptographic practices

Rationale:
Cryptographic practices ensure data confidentiality by using strong, vetted encryption algorithms.



8. PSIRT has confirmed a vulnerability is credible and high severity. What is the next step?

A. Identify internal resources
B. Identify resources and schedule the fix
C. Create the SDL project outline
D. Notify customers that the fix is available

✔ Correct Answer: B. Identify resources and schedule the fix

Rationale:
After confirming a vulnerability, PSIRT must assign resources and plan the fix before notifying
customers.



9. A security analyst cracked user passwords because simple hashes were used. How should the
organization remediate the issue?

A. Enforce the use of strong, salted hashing functions
B. Ensure server-side queries are parameterized
C. Apply a security strategy for M&A products
D. Use the principle of least privilege

✔ Correct Answer: A. Enforce the use of strong, salted hashing functions

Rationale:
Passwords should always be stored using strong, salted cryptographic hashing to prevent cracking.



10. The security team is reviewing threat models, vulnerabilities, and requirements while running
static and dynamic analysis before release. Which Ship SDL activity is this?

A. Code-assisted penetration testing
B. Open-source licensing review

Written for

Institution
Nursing course
Course
Nursing course

Document information

Uploaded on
January 3, 2026
Number of pages
101
Written in
2025/2026
Type
Exam (elaborations)
Contains
Questions & answers

Subjects

  • wgu d487 secure software
$28.49
Get access to the full document:

Wrong document? Swap it for free Within 14 days of purchase and before downloading, you can choose a different document. You can simply spend the amount again.
Written by students who passed
Immediately available after payment
Read online or as PDF

Get to know the seller

Seller avatar
Reputation scores are based on the amount of documents a seller has sold for a fee and the reviews they have received for those documents. There are three levels: Bronze, Silver and Gold. The better the reputation, the more your can rely on the quality of the sellers work.
SmartAchiever Walden University
View profile
Follow You need to be logged in order to follow users or courses
Sold
259
Member since
4 year
Number of followers
123
Documents
939
Last sold
2 days ago
A+ GUARANTEED

Welcome to SMARTACHIEVER! Your one-stop destination for achieving top grades with confidence! At SMARTACHIEVER, my mission is to provide you with high-quality, credible study materials to help you excel academically. Whether you're preparing for exams, tackling assignments, or diving into research, I’ve got you covered with: Verified study guides Exam assignments Research papers Test banks Recently revised and updated materials I’m committed to ensuring every document meets the highest standards to set you up for success. You’ll find everything you need to ace your exams and achieve your academic goals right here! Why choose SMARTACHIEVER? Guaranteed high-quality materials 24/7 availability for support and questions Reliable resources for past and current exams Don’t forget to leave a review after your purchase and refer a friend to share the success! Let’s achieve greatness together. Success starts here!

Read more Read less
4.5

139 reviews

5
113
4
9
3
3
2
6
1
8

Recently viewed by you

Why students choose Stuvia

Created by fellow students, verified by reviews

Quality you can trust: written by students who passed their tests and reviewed by others who've used these notes.

Didn't get what you expected? Choose another document

No worries! You can instantly pick a different document that better fits what you're looking for.

Pay as you like, start learning right away

No subscription, no commitments. Pay the way you're used to via credit card and download your PDF document instantly.

Student with book image

“Bought, downloaded, and aced it. It really can be that simple.”

Alisha Student

Working on your references?

Create accurate citations in APA, MLA and Harvard with our free citation generator.

Working on your references?

Frequently asked questions