WGU D487 SECURE SW DESIGN EXAM 2024 ACTUAL EXAM
2 VERSIONS (VERSION A AND B) COMPLETE ACCURATE
EXAM 2025/2026 NEWEST ACTUAL EXAM WITH COMPLETE
QUESTIONS AND VERIFIED ANSWERS |ALREADY GRADED
A+|
What is the primary function of architectural threat analysis in the
Architecture (A2) phase?
A) To prioritize threats so that high-risk areas receive immediate
attention and mitigation
B) To reduce the need for data flow diagrams
C) To evaluate only minor threats
D) To focus solely on functional testing
ANSWER: A) To prioritize threats so that high-risk areas receive
immediate attention and mitigation

Identify the meaning of the acronym "CIA" as used in SDL and
security practices.
A) Centralized Information Access
B) Confidentiality, Integrity, Availability
C) Critical Infrastructure Assessment
D) Core Information Audit
ANSWER: B) Confidentiality, Integrity, Availability

A project team is required to document software requirements and
associated business risks tied to confidentiality, integrity, and
availability (CIA). What is the primary purpose of this deliverable?
A) To ensure the software focuses only on functionality
B) To align security requirements with business goals, protecting
critical assets
C) To limit data protection to post-deployment stages
D) To reduce the need for cross-functional collaboration
ANSWER: B) To align security requirements with business goals,
protecting critical assets

Which of the following deliverables provides a visual map and
detailed list of potential security threats in the Architecture (A2)
phase?
A) Risk Mitigation Plan
B) Data Flow Diagram (DFD) and threat modeling artifacts
C) Product Risk Profile
D) Compliance Report
ANSWER: B) Data Flow Diagram (DFD) and threat modeling artifacts

In the SDL, the Risk Mitigation Plan is a key deliverable. Why is
this plan important?
A) It documents how each identified risk will be either mitigated,
accepted, or tolerated
B) It removes the need for testing security features
C) It replaces the threat modeling process
D) It ensures that all data is encrypted by default
ANSWER: A) It documents how each identified risk will be either
mitigated, accepted, or tolerated

Why is a Policy Compliance Analysis deliverable critical in the
Architecture (A2) phase?
A) To align the software with organizational policies and industry
standards, covering data governance, cryptography, and privacy
regulations
B) To avoid security regulations and policies
C) To simplify security to only technical requirements
D) To limit analysis to data integrity
ANSWER: A) To align the software with organizational policies and
industry standards, covering data governance, cryptography, and
privacy regulations

Which deliverable is designed to help prioritize threats and risks
based on potential impact, allowing the project team to address
the highest priorities first?
A) Architectural Threat Analysis
B) Project Timeline
C) Financial Budget
D) Functionality Checklist
ANSWER: A) Architectural Threat Analysis