EXAM COMPLETE ACCURATE EXAM QUESTIONS WITH DETAILED VERIFIED ANSWERS (100% CORRECT ANSWERS) / ALREADY GRADED A+
Q: What is the first phase in the security development life cycle?
A: A1 Security Assessment

Q: What are the three areas of compliance requirements?
A: Legal, financial, and industry standards

Q: What term refers to how the system should function based on the environment in which the system will operate?
A: operational requirements

Q: During what phase of SDL do all key stakeholders discuss, identify, and have common understandings of the security and privacy implications, considerations, and requirements?
A: A1 Security Assessment

Q: What are the three areas of focus in secure software requirements?
A: Gathering the software requirements, data classification, and managing data protection requirements

Q: During what phase of SDL is an initial project outline for security milestones developed and integrated into the development project schedule?
A: A1 Security Assessment

Q: What term means requirements that describe what the system will do and its core purpose?
A: functional requirements

Q: What term means requirements that describe any constraints or restrictions on a design but do not impact the core purpose of the system, from different perspectives?
A: non-functional requirements

Q: What term is a table that lists all of the security requirements?
A: requirement traceability matrix

Q: What term is the environment in which the product will operate and potential threats in that environment?
A: threat profile

Q: What phase of the SDL examines security in terms of business risks, with inputs from the software security team and key stakeholders?
A: A2 Architecture Phase

Q: In what phase of the SDL is threat modeling conducted?
A: A2 Architecture Phase

Q: What is it called when technicians identify security objectives, survey applications, decompose applications, identify threats, and identify vulnerabilities?
A: threat modeling

Q: What is the process to pinpoint security threats and potential vulnerabilities that will help prioritize remediation?
A: threat modeling

Q: Five steps of threat modeling are:
A: identify security objectives, survey the application, decompose it, identify threats, and identify vulnerabilities.

Q: What does STRIDE stand for?
A: spoofing, tampering, repudiation, information disclosure, denial of service, and elevation of privilege

Q: What does PASTA stand for?
A: process of attack simulation and threat analysis

Q: How should you rank an organization's threats?
A: based on their probability and damage potential.

Q: What does DREAD stand for?
A: damage potential, reproducibility, exploitability, affected users, and discoverability

Q: What is a weakness that can be exploited?
A: vulnerability

Q: What is a unified conceptual
A: Trike Threat Model