WGU D487 Pre-Assessment: Secure Software
Design (KEO1) (PKEO) Questions with Correct
Answers 2025/2026
world software security initiatives organized so companies can measure their initiatives and un
derstand how to evolve them over time?, - CORRECT ANSWER -
Building Security In Maturity Model (BSIMM)
What is the analysis of computer software that is performed without executing programs? -
CORRECT ANSWER -Static analysis
Which International Organization for Standardization (ISO) standard is the benchmark for infor
mation security today? - CORRECT ANSWER -ISO/IEC 27001.
What is the analysis of computer software that is performed by executing programs on a real o
r virtual processor in real time?, - CORRECT ANSWER -Dynamic analysis
Which person is responsible for designing, planning, and implementing secure coding practices
and security testing methodologies? - CORRECT ANSWER -Software security architect
A company is preparing to add a new feature to its flagship software product. The new feature
is similar to features that have been added in previous years, and the requirements are well-
documented. The project is expected to last three to four months, at which time the new featu
re will be released to customers. Project team members will focus solely on the new feature un
til the project ends. Which software development methodology is being used? -
CORRECT ANSWER -Waterfall
, A new product will require an administration section for a small number of users. Normal users
will be able to view limited customer information and should not see admin functionality withi
n the application. Which concept is being used? - CORRECT ANSWER -
Principle of least privilege
Design (KEO1) (PKEO) Questions with Correct
Answers 2025/2026
world software security initiatives organized so companies can measure their initiatives and un
derstand how to evolve them over time?, - CORRECT ANSWER -
Building Security In Maturity Model (BSIMM)
What is the analysis of computer software that is performed without executing programs? -
CORRECT ANSWER -Static analysis
Which International Organization for Standardization (ISO) standard is the benchmark for infor
mation security today? - CORRECT ANSWER -ISO/IEC 27001.
What is the analysis of computer software that is performed by executing programs on a real o
r virtual processor in real time?, - CORRECT ANSWER -Dynamic analysis
Which person is responsible for designing, planning, and implementing secure coding practices
and security testing methodologies? - CORRECT ANSWER -Software security architect
A company is preparing to add a new feature to its flagship software product. The new feature
is similar to features that have been added in previous years, and the requirements are well-
documented. The project is expected to last three to four months, at which time the new featu
re will be released to customers. Project team members will focus solely on the new feature un
til the project ends. Which software development methodology is being used? -
CORRECT ANSWER -Waterfall
, A new product will require an administration section for a small number of users. Normal users
will be able to view limited customer information and should not see admin functionality withi
n the application. Which concept is being used? - CORRECT ANSWER -
Principle of least privilege
