1|Page
WGU D487 PRE-ASSESSMENT EXAM QUESTIONS AND 100%
CORRECT ANSWERS | LATEST UPDATE 2026/2027 | EXPERT
VERIFIED SOLUTIONS | ASURED PASS.
What is a study of real-world software security initiatives organized so
companies can measure their initiatives and understand how to evolve
them over time?, - ANSWER: Building Security In Maturity Model
(BSIMM)
What is the analysis of computer software that is performed without
executing programs? - ANSWER: Static analysis
What is the analysis of computer software that is performed by
executing programs on a real or virtual processor in real time?, -
ANSWER: Dynamic analysis
Which person is responsible for designing, planning, and
implementing secure coding practices and security testing
methodologies? - ANSWER: Software security architect
A company is preparing to add a new feature to its flagship software
product. The new feature is similar to features that have been added in
previous years, and the requirements are well-documented. The project
is expected to last three to four months, at which time the new feature
will be released to customers. Project team members will focus solely on
, 2|Page
the new feature until the project ends. Which software development
methodology is being used? - ANSWER: Waterfall
A new product will require an administration section for a small number
of users. Normal users will be able to view limited customer information
and should not see admin functionality within the application. Which
concept is being used? - ANSWER: Principle of least privilege
Which International Organization for Standardization (ISO) standard is
the benchmark for information security today? - ANSWER: ISO/IEC
27001.
The scrum team is attending their morning meeting, which is scheduled
at the beginning of the work day. Each team member reports what they
accomplished yesterday, what they plan to accomplish today, and if they
have any impediments that may cause them to miss their delivery
deadline. Which scrum ceremony is the team participating in? -
ANSWER: Daily Scrum
What is a list of information security vulnerabilities that aims to provide
names for publicly known problems? - ANSWER: Common computer
vulnerabilities and exposures (CVE)
Which secure coding best practice uses well-tested, publicly available
algorithms to hide product data from unauthorized access? - ANSWER:
Cryptographic practices
WGU D487 PRE-ASSESSMENT EXAM QUESTIONS AND 100%
CORRECT ANSWERS | LATEST UPDATE 2026/2027 | EXPERT
VERIFIED SOLUTIONS | ASURED PASS.
What is a study of real-world software security initiatives organized so
companies can measure their initiatives and understand how to evolve
them over time?, - ANSWER: Building Security In Maturity Model
(BSIMM)
What is the analysis of computer software that is performed without
executing programs? - ANSWER: Static analysis
What is the analysis of computer software that is performed by
executing programs on a real or virtual processor in real time?, -
ANSWER: Dynamic analysis
Which person is responsible for designing, planning, and
implementing secure coding practices and security testing
methodologies? - ANSWER: Software security architect
A company is preparing to add a new feature to its flagship software
product. The new feature is similar to features that have been added in
previous years, and the requirements are well-documented. The project
is expected to last three to four months, at which time the new feature
will be released to customers. Project team members will focus solely on
, 2|Page
the new feature until the project ends. Which software development
methodology is being used? - ANSWER: Waterfall
A new product will require an administration section for a small number
of users. Normal users will be able to view limited customer information
and should not see admin functionality within the application. Which
concept is being used? - ANSWER: Principle of least privilege
Which International Organization for Standardization (ISO) standard is
the benchmark for information security today? - ANSWER: ISO/IEC
27001.
The scrum team is attending their morning meeting, which is scheduled
at the beginning of the work day. Each team member reports what they
accomplished yesterday, what they plan to accomplish today, and if they
have any impediments that may cause them to miss their delivery
deadline. Which scrum ceremony is the team participating in? -
ANSWER: Daily Scrum
What is a list of information security vulnerabilities that aims to provide
names for publicly known problems? - ANSWER: Common computer
vulnerabilities and exposures (CVE)
Which secure coding best practice uses well-tested, publicly available
algorithms to hide product data from unauthorized access? - ANSWER:
Cryptographic practices
