2/22/26, 1:07 PM WGU D487 PRE-ASSESSMENT: SECURE SOFTWARE DESIGN (KEO1) (PKEO
WGU D487 PRE-ASSESSMENT: SECURE SOFTWARE DESIGN
(KEO1) (PKEO) Actual Practice Questions & Correct Verified
Answers\Assured Success\GRADED A+
What is a study of real-world software security initiatives organized so
companies can measure their initiatives and understand how to evolve them over
time?,
Building Security In Maturity Model (BSIMM)
What is the analysis of computer software that is performed without executing
programs?
Static analysis
Which International Organization for Standardization (ISO) standard is the
benchmark for information security today?
ISO/IEC 27001.
What is the analysis of computer software that is performed by executing
programs on a real or virtual processor in real time?,
Dynamic analysis
Which person is responsible for designing, planning, and implementing secure
coding practices and security testing methodologies?
Software security architect
… 1/13
, 2/22/26, 1:07 PM WGU D487 PRE-ASSESSMENT: SECURE SOFTWARE DESIGN (KEO1) (PKEO
A company is preparing to add a new feature to its flagship software product. The
new feature is similar to features that have been added in previous years, and
the
requirements are well-documented. The project is expected to last three to four
months, at which time the new feature will be released to customers. Project
team members will focus solely on the new feature until the project ends.
Which software development methodology is being used?
Waterfall
A new product will require an administration section for a small number of users.
Normal users will be able to view limited customer information and should not
see admin
functionality within the application. Which concept is being used?
Principle of least privilege
The scrum team is attending their morning meeting, which is scheduled at the
beginning of the work day. Each team member reports what they accomplished
yesterday, what they plan to accomplish today, and if they have any
impediments that may cause them to miss their delivery deadline. Which scrum
ceremony is the team participating in?
Daily Scrum
What is a list of information security vulnerabilities that aims to provide names
for publicly known problems?
Common computer vulnerabilities and exposures (CVE)
Which secure coding best practice uses well-tested, publicly available
algorithms to hide product data from unauthorized access?
Cryptographic practices
… 2/13
WGU D487 PRE-ASSESSMENT: SECURE SOFTWARE DESIGN
(KEO1) (PKEO) Actual Practice Questions & Correct Verified
Answers\Assured Success\GRADED A+
What is a study of real-world software security initiatives organized so
companies can measure their initiatives and understand how to evolve them over
time?,
Building Security In Maturity Model (BSIMM)
What is the analysis of computer software that is performed without executing
programs?
Static analysis
Which International Organization for Standardization (ISO) standard is the
benchmark for information security today?
ISO/IEC 27001.
What is the analysis of computer software that is performed by executing
programs on a real or virtual processor in real time?,
Dynamic analysis
Which person is responsible for designing, planning, and implementing secure
coding practices and security testing methodologies?
Software security architect
… 1/13
, 2/22/26, 1:07 PM WGU D487 PRE-ASSESSMENT: SECURE SOFTWARE DESIGN (KEO1) (PKEO
A company is preparing to add a new feature to its flagship software product. The
new feature is similar to features that have been added in previous years, and
the
requirements are well-documented. The project is expected to last three to four
months, at which time the new feature will be released to customers. Project
team members will focus solely on the new feature until the project ends.
Which software development methodology is being used?
Waterfall
A new product will require an administration section for a small number of users.
Normal users will be able to view limited customer information and should not
see admin
functionality within the application. Which concept is being used?
Principle of least privilege
The scrum team is attending their morning meeting, which is scheduled at the
beginning of the work day. Each team member reports what they accomplished
yesterday, what they plan to accomplish today, and if they have any
impediments that may cause them to miss their delivery deadline. Which scrum
ceremony is the team participating in?
Daily Scrum
What is a list of information security vulnerabilities that aims to provide names
for publicly known problems?
Common computer vulnerabilities and exposures (CVE)
Which secure coding best practice uses well-tested, publicly available
algorithms to hide product data from unauthorized access?
Cryptographic practices
… 2/13
