Exam (elaborations)

2026 LATEST WGU D487 SECURE SOFTWARE DEVELOPMENT LIFE CYCLE (SDL) MASTER GUIDE 140+ HIGH-YIELD MCQS WITH CORRECT ANSWERS AND DETAILED RATIONALES

Pages: 34
Grade: A+
Uploaded on: 01-07-2026
Written in: 2025/2026

WGU D487 Secure Software Development Life Cycle (SDL) Master Guide 2026 is a comprehensive study resource designed to help students prepare for Secure Software Development Life Cycle assessments by strengthening knowledge of secure development practices, software security principles, and application lifecycle concepts. It includes 140+ original high-yield practice questions with correct answers and detailed rationales covering key topics such as secure SDLC phases, threat modeling, secure coding practices, vulnerability management, risk assessment, security testing, DevSecOps concepts, software architecture, authentication and authorization, encryption fundamentals, compliance considerations, and security best practices. This resource is intended for self-assessment, review, and exam preparation to improve understanding, confidence, and readiness, and it contains original educational material

Institution: WGU D487 SECURE SOFTWARE DEVELOPMENT
Course: WGU D487 SECURE SOFTWARE DEVELOPMENT

Content preview

2026 LATEST WGU D487 SECURE SOFTWARE DEVELOPMENT LIFE CYCLE (SDL) MASTER GUIDE 140+ HIGH-YIELD MCQS WITH CORRECT ANSWERS AND DETAILED RATIONALES

1. Which practice in the Ship (A5) phase of the Security Development Life Cycle (SDL) verifies
whether the product meets security mandates?

A. Vulnerability scan
B. Code-assisted penetration testing
C. A5 policy compliance analysis
D. Final security review

Correct Answer: C. A5 policy compliance analysis

Rationale: A5 policy compliance analysis verifies that the product meets required security policies,
standards, and mandates before release.



2. Which post-release support activity defines the process to communicate, identify, and alleviate
security threats?

A. Security architectural reviews
B. Third-party reviews
C. External vulnerability disclosure response
D. Vulnerability scanning

Correct Answer: C. External vulnerability disclosure response

Rationale: External vulnerability disclosure response defines how security vulnerabilities are
reported, investigated, communicated, and resolved.



3. What are two core practice areas of the OWASP Security Assurance Maturity Model
(OpenSAMM)?

A. Deployment and testing
B. Governance and Construction
C. Verification and operations
D. Planning and maintenance

Correct Answer: B. Governance and Construction

Rationale: OpenSAMM includes Governance, Construction, Verification, and Deployment as major
software security practice areas.



4. Which practice in the Ship (A5) phase uses tools to identify weaknesses in the product?

A. Final security review
B. Open-source licensing review
C. Vulnerability scan
D. Policy compliance analysis

Correct Answer: C. Vulnerability scan

Rationale: Vulnerability scans use automated tools to detect weaknesses before software release.



5. Which post-release support activity should be completed when companies are joining together?

A. Code review
B. Security architectural reviews
C. Vulnerability scan
D. Threat modeling

Correct Answer: B. Security architectural reviews

Rationale: Security architectural reviews evaluate risks caused by combining systems, applications,
or environments.



6. Which Ship (A5) deliverable is performed during A5 policy compliance analysis?

A. White-box security testing
B. Analyze activities and standards
C. License compliance
D. Release and ship

Correct Answer: B. Analyze activities and standards

Rationale: Policy compliance analysis verifies required activities and security standards are followed.



7. Which Ship (A5) deliverable is performed during code-assisted penetration testing?

A. License compliance
B. Threat modeling artifacts
C. White-box security testing
D. Final release approval

Correct Answer: C. White-box security testing

Rationale: Code-assisted penetration testing uses internal knowledge of software to perform white-box testing.



8. Which Ship (A5) deliverable is performed during open-source licensing review?

A. Vulnerability scanning
B. License compliance
C. Threat assessment
D. Code review

Correct Answer: B. License compliance

Rationale: Open-source licensing review ensures third-party components follow legal licensing
requirements.



9. Which Ship (A5) deliverable is performed during the final security review?

A. Threat profile
B. Release and ship
C. Data classification
D. Code analysis

Correct Answer: B. Release and ship

Rationale: Final security review confirms the product is ready for secure release.



10. How can an organization establish its own SDL to build security into an agile process?

A. Waterfall development
B. Iterative development
C. Manual deployment only
D. Outsourcing all security

Correct Answer: B. Iterative development

Rationale: Agile SDL integrates security into repeated development cycles.




11. How can an organization establish its own SDL to build security into a DevOps process?

A. Manual security reviews only
B. Continuous integration and continuous deployments
C. Removing automation
D. Delaying security until release

Correct Answer: B. Continuous integration and continuous deployments

Rationale: DevOps-based SDL practices integrate security into automated development and
deployment workflows.



12. How can an organization establish its own SDL to build security into a cloud environment?

A. Physical security controls only
B. API invocation processes
C. Eliminating automated services
D. Restricting all access

Correct Answer: B. API invocation processes

Rationale: Cloud environments rely on secure API processes to manage communication and services.



13. How can an organization establish its own SDL based on a digital enterprise?

A. Disable business processes
B. Enables and improves business activities
C. Avoid security requirements
D. Remove compliance checks

Correct Answer: B. Enables and improves business activities

Rationale: A digital enterprise SDL supports business functions while maintaining security.



14. Which phase of penetration testing allows remediation to be performed?

A. Assess
B. Identify
C. Evaluate and plan
D. Deploy

Correct Answer: D. Deploy

Rationale: The deploy phase is where fixes and remediation actions are implemented.



15. Which key deliverable occurs during post-release support?

A. Threat modeling
B. Third-party reviews
C. Requirement gathering
D. Functional testing

Correct Answer: B. Third-party reviews

Rationale: Post-release support includes ongoing reviews and assessments after deployment.



16. Which business function of OpenSAMM is associated with governance?

A. Threat assessment
B. Code review
C. Vulnerability management
D. Policy and compliance

Correct Answer: D. Policy and compliance

Rationale: Governance focuses on policies, compliance, and organizational security processes.



17. Which business function of OpenSAMM is associated with construction?

Document information

Uploaded on: July 1, 2026
Number of pages: 34
Written in: 2025/2026
Type: Exam (elaborations)
Contains: Questions & answers

Get to know the seller

JAYDEN254 Walden University