ck
WGU D487 SECURE SW
lo
DESIGN EXAM
UPDATED QUESTIONS
yc
WITH DETAILED
ud
ANSWERS A+ GRADED
st
,Which practice in the Ship (A5) phase of
the security development cycle verifies
whether the product meets security
mandates? - ANS A5 policy compliance
analysis
ck
Which post-release support activity defines
the process to communicate, identify, and
lo
alleviate security threats? - ANS PRSA1:
External vulnerability disclosure response
yc
What are two core practice areas of the
OWASP Security Assurance Maturity Model
ud
(OpenSAMM)? - ANS Governance,
Construction
st
Which practice in the Ship (A5) phase of
the security development cycle uses tools
to identify weaknesses in the product? -
ANS Vulnerability scan
,Which post-release support activity should
be completed when companies are joining
together? - ANS Security architectural
reviews
ck
Which of the Ship (A5) deliverables of the
security development cycle are performed
lo
during the A5 policy compliance analysis? -
ANS Analyze activities and standards
yc
Which of the Ship (A5) deliverables of the
security development cycle are performed
ud
during the code-assisted penetration
testing? - ANS white-box security test
st
Which of the Ship (A5) deliverables of the
security development cycle are performed
during the open-source licensing review? -
ANS license compliance
, Which of the Ship (A5) deliverables of the
security development cycle are performed
during the final security review? - ANS
Release and ship
ck
How can you establish your own SDL to
build security into a process appropriate for
lo
your organization's needs based on agile? -
ANS iterative development
yc
How can you establish your own SDL to
build security into a process appropriate for
ud
your organization's needs based on
devops? - ANS continuous integration
and continuous deployments
st
How can you establish your own SDL to
build security into a process appropriate for
WGU D487 SECURE SW
lo
DESIGN EXAM
UPDATED QUESTIONS
yc
WITH DETAILED
ud
ANSWERS A+ GRADED
st
,Which practice in the Ship (A5) phase of
the security development cycle verifies
whether the product meets security
mandates? - ANS A5 policy compliance
analysis
ck
Which post-release support activity defines
the process to communicate, identify, and
lo
alleviate security threats? - ANS PRSA1:
External vulnerability disclosure response
yc
What are two core practice areas of the
OWASP Security Assurance Maturity Model
ud
(OpenSAMM)? - ANS Governance,
Construction
st
Which practice in the Ship (A5) phase of
the security development cycle uses tools
to identify weaknesses in the product? -
ANS Vulnerability scan
,Which post-release support activity should
be completed when companies are joining
together? - ANS Security architectural
reviews
ck
Which of the Ship (A5) deliverables of the
security development cycle are performed
lo
during the A5 policy compliance analysis? -
ANS Analyze activities and standards
yc
Which of the Ship (A5) deliverables of the
security development cycle are performed
ud
during the code-assisted penetration
testing? - ANS white-box security test
st
Which of the Ship (A5) deliverables of the
security development cycle are performed
during the open-source licensing review? -
ANS license compliance
, Which of the Ship (A5) deliverables of the
security development cycle are performed
during the final security review? - ANS
Release and ship
ck
How can you establish your own SDL to
build security into a process appropriate for
lo
your organization's needs based on agile? -
ANS iterative development
yc
How can you establish your own SDL to
build security into a process appropriate for
ud
your organization's needs based on
devops? - ANS continuous integration
and continuous deployments
st
How can you establish your own SDL to
build security into a process appropriate for
