1
WGU D487 Secure Software Design Objective
Assessment (OA) QUESTIONS AND CORRECT
ANSWERS 2026 GET IT CORRECT !!!
Which practice in the Ship (A5) phase of the security
development cycle verifies whether the product meets
security mandates? -
-Solution
A5 policy compliance analysis
Which post-release support activity defines the process
to communicate, identify, and alleviate security threats?
-
-Solution
PRSA1: External vulnerability disclosure response
What are two core practice areas of the OWASP Security
Assurance Maturity Model (OpenSAMM)? -
-Solution
Governance, Construction
Which practice in the Ship (A5) phase of the security
development cycle uses tools to identify weaknesses in
the product? -
-Solution
Vulnerability scan
Which post-release support activity should be
completed when companies are joining together? -
-Solution
Security architectural reviews
,2
Which of the Ship (A5) deliverables of the security
development cycle are performed during the A5 policy
compliance analysis? -
-Solution
Analyze activities and standards
Which of the Ship (A5) deliverables of the security
development cycle are performed during the code-
assisted penetration testing? -
-Solution
white-box security test
Which of the Ship (A5) deliverables of the security
development cycle are performed during the open-
source licensing review? -
-Solution
license compliance
Which of the Ship (A5) deliverables of the security
development cycle are performed during the final
security review? -
-Solution
Release and ship
How can you establish your own SDL to build security
into a process appropriate for your organization's needs
based on agile? -
-Solution
iterative development
, 3
How can you establish your own SDL to build security
into a process appropriate for your organization's needs
based on devops? -
-Solution
continuous integration and continuous deployments
How can you establish your own SDL to build security
into a process appropriate for your organization's needs
based on cloud? -
-Solution
API invocation processes
How can you establish your own SDL to build security
into a process appropriate for your organization's needs
based on digital enterprise? -
-Solution
enables and improves business activities
Which phase of penetration testing allows for
remediation to be performed? -
-Solution
Deploy
Which key deliverable occurs during post-release
support? -
-Solution
third-party reviews
Which business function of OpenSAMM is associated
with governance? -
-Solution
WGU D487 Secure Software Design Objective
Assessment (OA) QUESTIONS AND CORRECT
ANSWERS 2026 GET IT CORRECT !!!
Which practice in the Ship (A5) phase of the security
development cycle verifies whether the product meets
security mandates? -
-Solution
A5 policy compliance analysis
Which post-release support activity defines the process
to communicate, identify, and alleviate security threats?
-
-Solution
PRSA1: External vulnerability disclosure response
What are two core practice areas of the OWASP Security
Assurance Maturity Model (OpenSAMM)? -
-Solution
Governance, Construction
Which practice in the Ship (A5) phase of the security
development cycle uses tools to identify weaknesses in
the product? -
-Solution
Vulnerability scan
Which post-release support activity should be
completed when companies are joining together? -
-Solution
Security architectural reviews
,2
Which of the Ship (A5) deliverables of the security
development cycle are performed during the A5 policy
compliance analysis? -
-Solution
Analyze activities and standards
Which of the Ship (A5) deliverables of the security
development cycle are performed during the code-
assisted penetration testing? -
-Solution
white-box security test
Which of the Ship (A5) deliverables of the security
development cycle are performed during the open-
source licensing review? -
-Solution
license compliance
Which of the Ship (A5) deliverables of the security
development cycle are performed during the final
security review? -
-Solution
Release and ship
How can you establish your own SDL to build security
into a process appropriate for your organization's needs
based on agile? -
-Solution
iterative development
, 3
How can you establish your own SDL to build security
into a process appropriate for your organization's needs
based on devops? -
-Solution
continuous integration and continuous deployments
How can you establish your own SDL to build security
into a process appropriate for your organization's needs
based on cloud? -
-Solution
API invocation processes
How can you establish your own SDL to build security
into a process appropriate for your organization's needs
based on digital enterprise? -
-Solution
enables and improves business activities
Which phase of penetration testing allows for
remediation to be performed? -
-Solution
Deploy
Which key deliverable occurs during post-release
support? -
-Solution
third-party reviews
Which business function of OpenSAMM is associated
with governance? -
-Solution
