ASSESSMENT - EXAM NEWEST ACTUAL EXAM WITH COMPLETE
QUESTIONS AND CORRECT ANSWERS (VERIFIED) GRADED A+ |
UPDATED 2027/2027 | D487 SECURE SOFTWARE DESIGN OBJECTIVE
ASSESSMENT | GUARANTEED PASS.
What is the application of multiple layers of protection so that, if one layer is
breached, the next layer provides protection?
-fail-safe
-defense-in-depth
-separation of duties
-open design - Correct Answer > -defense in depth
Which type of requirement specifies that file formats the application sends to
financial institutions must be certified every four years?
-Non-functional requirement
-Operational requirement
-Compliance requirement
-Functional requirement - Correct Answer > -compliance requirement
The software security group is conducting a maturity assessment using the
Building Security in Maturity Model (BSIMM). They are currently focused on
reviewing security testing results from recently completed initiatives. Which
BSIMM domain is being assessed?
-Software security development life cycle (SSDL) touchpoints
-Intelligence
-Governance
-Deployment - Correct Answer > -Software security development life cycle (SSDL)
touchpoints
What is the analysis of computer software that is performed by executing programs
on a real or virtual processor in real time?
-dynamic analysis
-static analysis
-fuzzing
-security testing - Correct Answer > -dynamic analysis
Which person is responsible for designing, planning, and implementing secure
coding practices and security testing methodologies?
-software security architect
-product security developer
-software security champion
-software tester - Correct Answer > -software security architect
Which secure coding best practice uses well-tested, publicly available algorithms to
hide product data from unauthorized access?
-access control
-authentication and password management
-cryptographic practices
-data protection - Correct Answer > -cryptographic practices
Which secure coding best practice ensures servers, frameworks, and system
components are all running the latest approved versions?
-file management
-input validation
-database security
-system configuration - Correct Answer > -system configuration
Which secure coding best practice says to use parameterized queries, encrypted
connection strings stored in separate configuration files, and strong passwords or
multi-factor authentication?
-access control
-database security
-file management
-session management - Correct Answer > -database security
Which secure coding best practice says that all information passed to other systems
should be encrypted?
-output encoding
-memory management
-communication security
-database security - Correct Answer > -communication security
A company is preparing to add a new feature to its flagship software product. The
new feature is similar to features that have been added in previous years, and the
requirements are well-documented. The project is expected to last three to four
months, at which time the new feature will be released to customers. Project team