WGU D487 Secure Software Design Exam 2026 –
Western Governors University | Actual Exam Versions
A & B with Complete Verified Answers.
Q1: Secure Design Principles & Threat Modeling
During threat-modeling a cloud storage service, the team notes that an attacker could re-play a
valid delete request captured earlier. Which STRIDE category is this?
A. Repudiation
B. Tampering
C. Denial of Service
D. Information Disclosure
Answer: A
Rationale: A replayed delete request can allow an attacker to deny the operation ever occurred
or cause unintended deletion, leading to non-repudiation issues. It does not alter data
(Tampering), exhaust resources (DoS), or leak data (Information Disclosure).
Q2: Secure Design Principles & Threat Modeling
A developer proposes embedding API keys inside a mobile app’s obfuscated binary to simplify
deployment. Which principle is MOST directly violated?
A. Security through obscurity
B. Open design
C. Least privilege
D. Separation of duties
Answer: B
Rationale: The Open Design principle states that security should not depend on the secrecy of
the design or implementation. Embedding secrets in code violates this, as the key cannot be
considered secure once distributed.
Q3: Secure Design Principles & Threat Modeling
A micro-service architecture shares a single database schema across all services to save
development time. Which secure design concern is MOST critical?
Western Governors University | Actual Exam Versions
A & B with Complete Verified Answers.
Q1: Secure Design Principles & Threat Modeling
During threat-modeling a cloud storage service, the team notes that an attacker could re-play a
valid delete request captured earlier. Which STRIDE category is this?
A. Repudiation
B. Tampering
C. Denial of Service
D. Information Disclosure
Answer: A
Rationale: A replayed delete request can allow an attacker to deny the operation ever occurred
or cause unintended deletion, leading to non-repudiation issues. It does not alter data
(Tampering), exhaust resources (DoS), or leak data (Information Disclosure).
Q2: Secure Design Principles & Threat Modeling
A developer proposes embedding API keys inside a mobile app’s obfuscated binary to simplify
deployment. Which principle is MOST directly violated?
A. Security through obscurity
B. Open design
C. Least privilege
D. Separation of duties
Answer: B
Rationale: The Open Design principle states that security should not depend on the secrecy of
the design or implementation. Embedding secrets in code violates this, as the key cannot be
considered secure once distributed.
Q3: Secure Design Principles & Threat Modeling
A micro-service architecture shares a single database schema across all services to save
development time. Which secure design concern is MOST critical?
