WGU D487 PRE-ASSESSMENT: SECURE
SOFTWARE DESIGN (KEO1) (PKEO) | 2026
UPDATE | QUESTIONS AND ANSWERS |
WITH COMPLETE SOLUTION
What is a study of real-world software security initiatives organized so
companies can measure their initiatives and understand how to evolve them
over time?, - ANSWERS-Building Security In Maturity Model (BSIMM)
What is the analysis of computer software that is performed without
executing programs? - ANSWERS-Static analysis
Which International Organization for Standardization (ISO) standard is the
benchmark for information security today? - ANSWERS-ISO/IEC 27001.
What is the analysis of computer software that is performed by executing
programs on a real or virtual processor in real time?, - ANSWERS-Dynamic
analysis
Which person is responsible for designing, planning, and implementing
secure coding practices and security testing methodologies? - ANSWERS-
Software security architect
A company is preparing to add a new feature to its flagship software product.
The new feature is similar to features that have been added in previous
years, and the requirements are well-documented. The project is expected to
last three to four months, at which time the new feature will be released to
customers. Project team members will focus solely on the new feature until
the project ends. Which software development methodology is being used? -
ANSWERS-Waterfall
, A new product will require an administration section for a small number of
users. Normal users will be able to view limited customer information and
should not see admin functionality within the application. Which concept is
being used? - ANSWERS-Principle of least privilege
The scrum team is attending their morning meeting, which is scheduled at
the beginning of the work day. Each team member reports what they
accomplished yesterday, what they plan to accomplish today, and if they
have any impediments that may cause them to miss their delivery deadline.
Which scrum ceremony is the team participating in? - ANSWERS-Daily Scrum
What is a list of information security vulnerabilities that aims to provide
names for publicly known problems? - ANSWERS-Common computer
vulnerabilities and exposures (CVE)
Which secure coding best practice uses well-tested, publicly available
algorithms to hide product data from unauthorized access? - ANSWERS-
Cryptographic practices
Which secure coding best practice uses well-tested, publicly available
algorithms to hide product data from unauthorized access? - ANSWERS-
Cryptographic practices
Which secure coding best practice ensures servers, frameworks, and system
components are all running the latest approved versions? - ANSWERS-
System configuration
Which secure coding best practice says to use parameterized queries,
encrypted connection strings stored in separate configuration files, and
strong passwords or multi-factor authentication? - ANSWERS-Database
security
SOFTWARE DESIGN (KEO1) (PKEO) | 2026
UPDATE | QUESTIONS AND ANSWERS |
WITH COMPLETE SOLUTION
What is a study of real-world software security initiatives organized so
companies can measure their initiatives and understand how to evolve them
over time?, - ANSWERS-Building Security In Maturity Model (BSIMM)
What is the analysis of computer software that is performed without
executing programs? - ANSWERS-Static analysis
Which International Organization for Standardization (ISO) standard is the
benchmark for information security today? - ANSWERS-ISO/IEC 27001.
What is the analysis of computer software that is performed by executing
programs on a real or virtual processor in real time?, - ANSWERS-Dynamic
analysis
Which person is responsible for designing, planning, and implementing
secure coding practices and security testing methodologies? - ANSWERS-
Software security architect
A company is preparing to add a new feature to its flagship software product.
The new feature is similar to features that have been added in previous
years, and the requirements are well-documented. The project is expected to
last three to four months, at which time the new feature will be released to
customers. Project team members will focus solely on the new feature until
the project ends. Which software development methodology is being used? -
ANSWERS-Waterfall
, A new product will require an administration section for a small number of
users. Normal users will be able to view limited customer information and
should not see admin functionality within the application. Which concept is
being used? - ANSWERS-Principle of least privilege
The scrum team is attending their morning meeting, which is scheduled at
the beginning of the work day. Each team member reports what they
accomplished yesterday, what they plan to accomplish today, and if they
have any impediments that may cause them to miss their delivery deadline.
Which scrum ceremony is the team participating in? - ANSWERS-Daily Scrum
What is a list of information security vulnerabilities that aims to provide
names for publicly known problems? - ANSWERS-Common computer
vulnerabilities and exposures (CVE)
Which secure coding best practice uses well-tested, publicly available
algorithms to hide product data from unauthorized access? - ANSWERS-
Cryptographic practices
Which secure coding best practice uses well-tested, publicly available
algorithms to hide product data from unauthorized access? - ANSWERS-
Cryptographic practices
Which secure coding best practice ensures servers, frameworks, and system
components are all running the latest approved versions? - ANSWERS-
System configuration
Which secure coding best practice says to use parameterized queries,
encrypted connection strings stored in separate configuration files, and
strong passwords or multi-factor authentication? - ANSWERS-Database
security
