Study Guide with complete and verified
solutions (Latest 2025/2026 Update)
Question:
ISO/IEC 27001?
Answer:
Specifies requirements for establishing, implementing, operating, monitoring, reviewing, maintaining and improving a documented information security management system
Question:
ISO/IEC 17799?
Answer:
ISO/IEC is a joint committee that develops and maintains standards in the IT industry. ISO/IEC 17799 is an international code of practice for information security management. This section defines confidentiality, integrity and availability controls.
Question:
ISO/IEC 27034?
Answer:
A standard that provides guidance to help organizations embed security within their processes that help secure applications running in the environment, including application lifecycle processes
Question:
Software security champion?
Answer:
A developer with an interest in security who helps amplify the security message at the team level
Question:
Waterfall methodology?
Answer:
A sequential, activity-based process in which each phase in the SDLC is performed sequentially from planning through implementation and maintenance
Question:
Agile Development?
Answer:
A software development methodology that delivers functionality in rapid iterations, measured in weeks, requiring frequent communication, development, testing, and delivery.
Question:
Scrum?
Answer:
An agile project management framework that helps teams structure and manage their work through a set of values, principles, and practices
Question:
Daily scrum?
Answer:
Daily time-boxed event of 15 minutes, or less, for the Development Team to re-plan the next day of development work during a Sprint. Updates are reflected in the Sprint Backlog.
Question:
Sprint review?
Answer:
A meeting that occurs after each sprint to show the product or process to stakeholders for approval and to receive feedback.
Question:
Sprint retrospective?
Answer:
An opportunity for the Scrum Team to inspect itself and create a plan for improvements to be enacted during the next Sprint.
Question:
Sprint planning?
Answer:
A collaborative event in Scrum in which the Scrum team plans the work for the current sprint.
Question:
Building Security In Maturity Model (BSIMM)?
Answer:
A study of real-world software security initiatives organized so that you can determine where you stand with your software security initiative and how to evolve your efforts over time