WGU D487 SECURE SOFTWARE DESIGN QUESTIONS 2025
Questions
Question 1
Which activity in the Ship (A5) phase of the security development cycle sets requirements for quality gates that must be met
before release?
Open-source licensing review
Vulnerability scan
Code-assisted penetration testing
A5 policy compliance analysis
Correct Answer
A5 policy compliance analysis
A5 policy compliance analysis verifies that the product meets security mandates and that compliance activities have been
performed at each SDL phase.
Question 2
What happens during a dynamic code review?
Programmers monitor system memory, functional behavior, response times, and overall performance.
Customers perform tests to check software meets requirements.
An analysis of computer programs without executing them is performed.
Input fields are supplied with unexpected input and tested.
Correct Answer
Programmers monitor system memory, functional behavior, response times, and overall performance.
Question 3
What is a non-system-related component in software security testing attack surface validation?
Inputs
Network
Users
Architecture
Correct Answer
Users
Users are not part of the software application and are external.
Question 4
What is the product risk profile?
A security assessment deliverable that lists education requirements for product and operations teams
A security assessment deliverable that maps activities to the development schedule
A security assessment deliverable that guides SDL activities to mitigate issues
A security assessment deliverable that estimates the actual cost of the product
Correct Answer
A security assessment deliverable that estimates the actual cost of the product
Looking at products from different perspectives allows management to determine the actual cost of a product, which includes
selling it in different markets and any liabilities that might be incurred.
Question 5
Which step will you find in the SANS Institute Cyber Defense seven-step recipe for conducting threat modeling and application
risk analysis?
Threat assessment
Conduct a BSIMM assessment
Demonstrate improvement
Brainstorm threats from adversaries
Correct Answer
Brainstorm threats from adversaries
"Brainstorm threats from adversaries" is step 4 in the SANS Institute recipe.
Question 6
What determines the order of items in a product backlog in Scrum?
Order is decided by the Scrum Team
Order is decided by the ScrumMaster
Order is decided by the project manager
Order is decided based on value of the items being delivered
Correct Answer
Order is decided based on value of the items being delivered
Order is decided based on the value of each item or requirement in the backlog, that is, how much it helps the business once the item is done and
the business can start using it. The Product Owner decides the order of items in the backlog.