Exam Knowledge Check with
complete and verified solutions
(Latest 2025/2026 Update)
Question:
A software security team member has been tasked with creating a deliverable that provides details on where and to what degree sensitive customer information is collected, stored, or created within a new product offering.
What does the team member need to deliver in order to meet the objective?
Answer:
Privacy impact assessment
Question:
A software security team member has been tasked with creating a threat model for the login process of a new product. What is the first step the team member should take?
Answer:
Identify security objectives
Question:
What are three parts of the STRIDE methodology?
Answer:
Spoofing, Elevation, Tampering
Question:
What is the reason software security teams host discovery meetings with stakeholders early in the development life cycle?
Answer:
To ensure that security is built into the product from the start
Question:
Why should a security team provide documented certification requirements during the software assessment phase?
Answer:
Depending on the environment in which the product resides, certifications may be required by corporate or government entities before the software can be released to customers.
Question:
What are two items that should be included in the privacy impact assessment plan regardless of which methodology is used?
Answer:
Required process steps & Technologies and techniques
Question:
What are the goals of each SDL deliverable? - Product Risk Profile?
Answer:
Estimate the actual cost of the product
Question:
What are the goals of each SDL deliverable? - SDL project outline?
Answer:
Map security activities to the development schedule
Question:
What are the goals of each SDL deliverable? - Threat profile?