D487 PRE-ASSESSMENT EXAM WITH
GRADED ANSWERS
A software security team member has created data flow
diagrams, chosen the STRIDE methodology to perform threat
reviews, and created the security assessment for the new
product. Which category of secure software best practices
did the team member perform?
Architecture analysis
Team members are being introduced during sprint zero in the
project kickoff meeting. The person being introduced will be
a facilitator, will try to remove roadblocks and ensure the
team is communicating freely, and will be responsible for
facilitating all scrum ceremonies. Which role is the team
member playing?
Scrum master
What is a study of real-world software security initiatives
organized so companies can measure their initiatives and
understand how to evolve them over time?
Building Security In Maturity Model (BSIMM)
What is the analysis of computer software that is performed
without executing programs?
Static analysis
Which International Organization for Standardization (ISO)
standard is the benchmark for information security today?
ISO/IEC 27001
What is the analysis of computer software that is performed
by executing programs on a real or virtual processor in real
time?
Dynamic analysis
Which person is responsible for designing, planning, and
implementing secure coding practices and security testing
methodologies?
Software security architect
A company is preparing to add a new feature to its flagship
software product. The new feature is similar to features that
have been added in previous years, and the requirements are
well-documented. The project is expected to last three to four
months, at which time the new feature will be released to
customers. Project team members will focus solely on the
new feature until the project ends. Which software
development methodology is being used?
Waterfall