WGU D487 PRE-ASSESSMENT: SECURE SOFTWARE DESIGN (KEO1) (PKEO) questions fully solved & updated 2025

WGU D487 PRE-ASSESSMENT:
SECURE SOFTWARE DESIGN
(KEO1) (PKEO) questions fully solved
& updated 2025

What is a study of real-world software security initiatives
bq bq bq bq bq bq bq bq




organized so companies can measure their initiatives and
bq bq bq bq bq bq bq bq




understand how to evolve them over time?, - answer Building
bq bq bq bq bq bq bq bq bq bq bq bq




Security In Maturity Model (BSIMM)
bq bq bq bq bq




What is the analysis of computer software that is performed
bq bq bq bq bq bq bq bq bq




without executing programs? - answer Static analysis
bq bq bq bq bq bq bq bq bq




Which International Organization for Standardization (ISO)
bq bq bq bq bq




standard is the benchmark for information security today? -
bq bq bq bq bq bq bq bq bq




answer ISO/IEC 27001.
bq bq bq bq bq




What is the analysis of computer software that is performed by
bq bq bq bq bq bq bq bq bq bq




executing programs on a real or virtual processor in real time?, -
bq bq bq bq bq bq bq bq bq bq bq bq




answer Dynamic analysis
bq bq bq bq bq




Which person is responsible for designing, planning, and
bq bq bq bq bq bq bq




implementing secure coding practices and security testing
bq bq bq bq bq bq bq




methodologies? - answer Software security architect
bq bq bq bq bq bq bq bq

, A company is preparing to add a new feature to its flagship
bq bq bq bq bq bq bq bq bq bq bq




software product. The new feature is similar to features that have
bq bq bq bq bq bq bq bq bq bq bq




been added in previous years, and the requirements are well-
bq bq bq bq bq bq bq bq bq bq




documented. The project is expected to last three to four months, bq bq bq bq bq bq bq bq bq bq




at which time the new feature will be released to customers.
bq bq bq bq bq bq bq bq bq bq bq




Project team members will focus solely on the new feature until the
bq bq bq bq bq bq bq bq bq bq bq bq




project ends. Which software development methodology is being
bq bq bq bq bq bq bq bq




used? - answer Waterfall
bq bq bq bq bq bq




A new product will require an administration section for a small
bq bq bq bq bq bq bq bq bq bq




number of users. Normal users will be able to view limited
bq bq bq bq bq bq bq bq bq bq bq




customer information and should not see admin functionality
bq bq bq bq bq bq bq bq




within the application. Which concept is being used? - answer
bq bq bq bq bq bq bq bq bq bq bq bq




Principle of least privilege
bq bq bq bq




The scrum team is attending their morning meeting, which is
bq bq bq bq bq bq bq bq bq




scheduled at the beginning of the work day. Each team member
bq bq bq bq bq bq bq bq bq bq bq




reports what they accomplished yesterday, what they plan to
bq bq bq bq bq bq bq bq bq




accomplish today, and if they have any impediments that may
bq bq bq bq bq bq bq bq bq bq




cause them to miss their delivery deadline. Which scrum ceremony
bq bq bq bq bq bq bq bq bq bq




is the team participating in? - answer Daily Scrum
bq bq bq bq bq bq bq bq bq bq bq




What is a list of information security vulnerabilities that aims to
bq bq bq bq bq bq bq bq bq bq




provide names for publicly known problems? - answer Common
bq bq bq bq bq bq bq bq bq bq bq




computer vulnerabilities and exposures (CVE)
bq bq bq bq bq




Which secure coding best practice uses well-tested, publicly
bq bq bq bq bq bq bq




available algorithms to hide product data from unauthorized
bq bq bq bq bq bq bq bq




access? - answer Cryptographic practices
bq bq bq bq bq bq bq