QUESTIONS WITH VERIFIED ANSWERS
ALREADY PASSED
◉ Design Phase (SDLC) . Answer: Requirements are prepared for the
technical design
◉ Implementation Phase . Answer: The resources involved in the
application from a known resource are determined
◉ Maintenance Phase . Answer: Ongoing security monitoring is
implemented
◉ Planning Phase of SDLC . Answer: vision and next steps are created
◉ secure code . Answer: a principle design in coding that refers to code
security best practices, safeguards, and protection against vulnerabilities
◉ threat modeling . Answer: a structured process to protect against
vulnerabilities
◉ What are the three core elements of security . Answer: confidentiality,
integrity, and availability
◉ 8 phases of the SDLC . Answer: planning, requirements, design,
implementation, testing, deployment, maintenance and end of life
◉ What is software security . Answer: Security that deals with securing
the foundational programmatic logic of the underlying software
◉ Which part of the CIA keeps unauthorized users from accessing
confidential information . Answer: Confidentiality
◉ BSIMM . Answer: a study of real-world software security that allows
you to develop your software security over time
◉ dynamic analysis . Answer: analysis of computer software that is
performed when executing the program on a real or virtual processor in
real time
◉ fuzz testing . Answer: automated or semi-automated testing that
provides invalid, unexpected, or random data to the computer program.
◉ measure model . Answer: A set of data security methods that
developers take to protect against vulnerabilities
◉ metric model . Answer: allows organizations to determine the
effectiveness of their security controls
◉ OWASP . Answer: A flexible and prospective framework to build
security into your software development organization
◉ static analysis . Answer: The analysis of computer software that is
performed without executing programs
◉ Computer Vulnerabilities and Exposures . Answer: A list of
information that aims to provide common names for publicly known
security vulnerabilities
◉ What are the three primary tools basic to the SDLC . Answer: Fuzz
testing, static analysis, and dynamic analysis testing
◉ In which phase of the SDLC should the software security team be
involved . Answer: Concept
◉ Waterfall . Answer: An approach that divides the process of software
development into separate phases. The outcome of one phase acts as the
input for the next phase