QUESTIONS AND 100% CORRECT ANSWERS (A+) 2025
What is a study of real-world software security initiatives organized so
companies can measure their initiatives and understand how to evolve them
over time?
Building Security In Maturity Model (BSIMM)
What is the analysis of computer software that is performed without executing
programs?
Static analysis
Which International Organization for Standardization (ISO) standard is the
benchmark for information security today?
ISO/IEC 27001
What is the analysis of computer software that is performed by executing
programs on a real or virtual processor in real time?
Dynamic analysis
The organization's testing team has created a catalog of test cases using the
source code and design documentation of the new product. Each test case will
be executed for each user role in the new product. Which type of security testing
technique is being performed?
White-box
Security team members have been instructed to document which developers
and analysts will perform product testing and which tools they will use. Which
step of the security test plan is being performed?
Identify internal resources
Security team members have been instructed to document how many users will
access the new product and what roles those users will play. Which step of the
security test plan is being performed?
Define the user community
The project team received a SonarQube report of their most recent stage
deployment that contains 15 vulnerabilities that must be fixed before the product
may be released to production. Which security testing technique is being used?
Source-code analysis
What is the application of multiple layers of protection so that, if one layer is
breached, the next layer provides protection?