4/11/25, 7:29 PM WGU D487 PRE-ASSESSMENT: SECURE SOFTWARE DESIGN (KEO1) (PKEO)
WGU D487 PRE-ASSESSMENT: SECURE SOFTWARE DESIGN (KEO1)
(PKEO)ACTUAL COMPLETE EXAM WITH QUESTIONS AND
ACCURATE DETAILED SOLUTIONS \VERIFIED ANSWERS
GURANTEED SUCCESS |ALREADY GRADED A+
A software security team Architecture analysis
member has created data
flow diagrams, chosen the
STRIDE methodology to
perform threat reviews, and
created the security
assessment for the new
product. Which
category of secure software
best practices did the team
member perform?
Team members are Scrum master
being introduced during
sprint zero in the project
kickoff
meeting. The person being
introduced will be a
facilitator, will try to
remove
roadblocks and ensure the
team is communicating
freely, and will be
responsible for facilitating all
scrum ceremonies. Which
role is the team member
playing?
The new product standards Communication security
state that all
/ 1/1
7
,4/11/25, 7:29 PM WGU D487 PRE-ASSESSMENT: SECURE SOFTWARE DESIGN (KEO1) (PKEO)
traffic must be secure and
encrypted. What is the name
for this secure coding
practice?
Which DREAD category is Reproducibility
based on how easily a threat
exploit can be repeated?
Which mitigation technique Digital signatures
can be used to fight against a
data tampering threat?
What is a countermeasure to Compliance requirement
the web application security
frame (ASF)
configuration
management threat
category?
Which type of requirement Compliance requirement
specifies that file formats
the application sends to
financial institutions must be
certified every four years?
Which type of requirement Privacy requirement
specifies that credit card
numbers displayed in the
application will be masked
so they only show the last
four digits?
Which type of requirement Security requirement
specifies that
user passwords will require a
minimum of 8 characters and
must include at least one
uppercase character, one
number, and one special
character?
/ 2/1
7
, 4/11/25, 7:29 PM WGU D487 PRE-ASSESSMENT: SECURE SOFTWARE DESIGN (KEO1) (PKEO)
Which type of requirement Data classification requirement
specifies that credit card
numbers are designated
as
highly sensitive confidential
personal information?
Which privacy impact Privacy control requirements
statement
requirement type defines
how personal information
is protected on devices
used by more than a
single associate?
In which step of the PASTA Vulnerability and weakness analysis
threat modeling
methodology does design
flaw analysis take place?
Which privacy impact Access requirements
statement
requirement type defines
who has access to personal
information within the
product?
Which security assessment SDL project outline
deliverable defines
milestones that will be met
during each phase of the
project, merged into the
product development
schedule?
Which architecture deliverable Policy compliance analysis
identifies whether the
product adheres to
organization security rules?
Which threat modeling STRIDE-per-element
process identifies threats to
each individual object in a
/ 3/1
7
WGU D487 PRE-ASSESSMENT: SECURE SOFTWARE DESIGN (KEO1)
(PKEO)ACTUAL COMPLETE EXAM WITH QUESTIONS AND
ACCURATE DETAILED SOLUTIONS \VERIFIED ANSWERS
GURANTEED SUCCESS |ALREADY GRADED A+
A software security team Architecture analysis
member has created data
flow diagrams, chosen the
STRIDE methodology to
perform threat reviews, and
created the security
assessment for the new
product. Which
category of secure software
best practices did the team
member perform?
Team members are Scrum master
being introduced during
sprint zero in the project
kickoff
meeting. The person being
introduced will be a
facilitator, will try to
remove
roadblocks and ensure the
team is communicating
freely, and will be
responsible for facilitating all
scrum ceremonies. Which
role is the team member
playing?
The new product standards Communication security
state that all
/ 1/1
7
,4/11/25, 7:29 PM WGU D487 PRE-ASSESSMENT: SECURE SOFTWARE DESIGN (KEO1) (PKEO)
traffic must be secure and
encrypted. What is the name
for this secure coding
practice?
Which DREAD category is Reproducibility
based on how easily a threat
exploit can be repeated?
Which mitigation technique Digital signatures
can be used to fight against a
data tampering threat?
What is a countermeasure to Compliance requirement
the web application security
frame (ASF)
configuration
management threat
category?
Which type of requirement Compliance requirement
specifies that file formats
the application sends to
financial institutions must be
certified every four years?
Which type of requirement Privacy requirement
specifies that credit card
numbers displayed in the
application will be masked
so they only show the last
four digits?
Which type of requirement Security requirement
specifies that
user passwords will require a
minimum of 8 characters and
must include at least one
uppercase character, one
number, and one special
character?
/ 2/1
7
, 4/11/25, 7:29 PM WGU D487 PRE-ASSESSMENT: SECURE SOFTWARE DESIGN (KEO1) (PKEO)
Which type of requirement Data classification requirement
specifies that credit card
numbers are designated
as
highly sensitive confidential
personal information?
Which privacy impact Privacy control requirements
statement
requirement type defines
how personal information
is protected on devices
used by more than a
single associate?
In which step of the PASTA Vulnerability and weakness analysis
threat modeling
methodology does design
flaw analysis take place?
Which privacy impact Access requirements
statement
requirement type defines
who has access to personal
information within the
product?
Which security assessment SDL project outline
deliverable defines
milestones that will be met
during each phase of the
project, merged into the
product development
schedule?
Which architecture deliverable Policy compliance analysis
identifies whether the
product adheres to
organization security rules?
Which threat modeling STRIDE-per-element
process identifies threats to
each individual object in a
/ 3/1
7
