1 | Page
WGU D487 SECURE SW DESIGN OA EXAM
2024 ACTUAL EXAM COMPLETE
ACCURATE EXAM QUESTIONS WITH
DETAILED VERIFIED ANSWERS Questions
and Correct Answers/ Latest Update /
Already Graded
Which practice in the Ship (A5) phase of the security development
cycle verifies whether the product meets security mandates?
Ans: A5 policy compliance analysis
Which post-release support activity defines the process to
communicate, identify, and alleviate security threats?
Ans: PRSA1: External vulnerability disclosure response
What are two core practice areas of the OWASP Security Assurance
Maturity Model (OpenSAMM)?
Ans: Governance, Construction
,2 | Page
Which practice in the Ship (A5) phase of the security development
cycle uses tools to identify weaknesses in the product?
Ans: Vulnerability scan
Which post-release support activity should be completed when
companies are joining together?
Ans: Security architectural reviews
Which of the Ship (A5) deliverables of the security development
cycle are performed during the A5 policy compliance analysis?
Ans: Analyze activities and standards
Which of the Ship (A5) deliverables of the security development
cycle are performed during the code-assisted penetration testing?
Ans: white-box security test
,3 | Page
Which of the Ship (A5) deliverables of the security development
cycle are performed during the open-source licensing review?
Ans: license compliance
Which of the Ship (A5) deliverables of the security development
cycle are performed during the final security review?
Ans: Release and ship
How can you establish your own SDL to build security into a process
appropriate for your organization's needs based on agile?
Ans: iterative development
How can you establish your own SDL to build security into a process
appropriate for your organization's needs based on devops?
Ans: continuous integration and continuous deployments
, 4 | Page
How can you establish your own SDL to build security into a process
appropriate for your organization's needs based on cloud?
Ans: API invocation processes
How can you establish your own SDL to build security into a process
appropriate for your organization's needs based on digital
enterprise?
Ans: enables and improves business activities
Which phase of penetration testing allows for remediation to be
performed?
Ans: Deploy
Which key deliverable occurs during post-release support?
Ans: third-party reviews
WGU D487 SECURE SW DESIGN OA EXAM
2024 ACTUAL EXAM COMPLETE
ACCURATE EXAM QUESTIONS WITH
DETAILED VERIFIED ANSWERS Questions
and Correct Answers/ Latest Update /
Already Graded
Which practice in the Ship (A5) phase of the security development
cycle verifies whether the product meets security mandates?
Ans: A5 policy compliance analysis
Which post-release support activity defines the process to
communicate, identify, and alleviate security threats?
Ans: PRSA1: External vulnerability disclosure response
What are two core practice areas of the OWASP Security Assurance
Maturity Model (OpenSAMM)?
Ans: Governance, Construction
,2 | Page
Which practice in the Ship (A5) phase of the security development
cycle uses tools to identify weaknesses in the product?
Ans: Vulnerability scan
Which post-release support activity should be completed when
companies are joining together?
Ans: Security architectural reviews
Which of the Ship (A5) deliverables of the security development
cycle are performed during the A5 policy compliance analysis?
Ans: Analyze activities and standards
Which of the Ship (A5) deliverables of the security development
cycle are performed during the code-assisted penetration testing?
Ans: white-box security test
,3 | Page
Which of the Ship (A5) deliverables of the security development
cycle are performed during the open-source licensing review?
Ans: license compliance
Which of the Ship (A5) deliverables of the security development
cycle are performed during the final security review?
Ans: Release and ship
How can you establish your own SDL to build security into a process
appropriate for your organization's needs based on agile?
Ans: iterative development
How can you establish your own SDL to build security into a process
appropriate for your organization's needs based on devops?
Ans: continuous integration and continuous deployments
, 4 | Page
How can you establish your own SDL to build security into a process
appropriate for your organization's needs based on cloud?
Ans: API invocation processes
How can you establish your own SDL to build security into a process
appropriate for your organization's needs based on digital
enterprise?
Ans: enables and improves business activities
Which phase of penetration testing allows for remediation to be
performed?
Ans: Deploy
Which key deliverable occurs during post-release support?
Ans: third-party reviews
