WGU D487 SECURE SW DESIGN EXAM Actual
Exam 2026/2027 2 Versions A and B Complete
Questions and Verified Answers Already Graded A+
VERSION A - COMPLETE EXAM (100 QUESTIONS)
VERSION A - SECTION 1: SECURE SOFTWARE DEVELOPMENT FUNDAMENTALS
(Questions 1-15)
Q1 (Version A): A software development team is implementing a new application and wants to
ensure that users can only access data they are explicitly authorized to view. Which security
principle is primarily being addressed?
A. Availability
B. Confidentiality [CORRECT]
C. Non-repudiation
D. Accounting
Correct Answer: B
Rationale: Confidentiality ensures that information is not disclosed to unauthorized individuals,
entities, or processes. Restricting data access to authorized users directly supports confidentiality
(B). Availability (A) ensures timely access. Non-repudiation (C) prevents denying actions.
Accounting (D) involves logging and monitoring.
Q2 (Version A): During the requirements phase of a secure development lifecycle, a team
documents potential ways attackers could misuse the system's authentication functionality. What
is this activity called?
A. Threat modeling
B. Misuse case development [CORRECT]
C. Penetration testing
D. Code review
Correct Answer: B
Rationale: Misuse cases document how attackers might abuse system functionality, created
during requirements engineering to identify security needs (B). Threat modeling (A) identifies
threats systematically. Penetration testing (C) occurs post-implementation. Code review (D)
examines source code.
Q3 (Version A): A development team is following the Microsoft SDL. In which phase should
security requirements be explicitly defined and documented?
A. Implementation
B. Verification
C. Requirements [CORRECT]
D. Release
Correct Answer: C
Rationale: The Microsoft SDL defines security requirements during the Requirements phase,
establishing what security controls the application must implement (C). Implementation (A) is
coding. Verification (B) involves testing. Release (D) is deployment.
Q4 (Version A): An application logs all user authentication attempts, successful data access, and
administrative actions. This implementation primarily supports which AAA component?
A. Authentication
B. Authorization
C. Accounting [CORRECT]
D. Auditing
Correct Answer: C
Rationale: Accounting (or auditing) involves tracking and logging user activities and resource
usage for accountability and analysis (C). Authentication (A) verifies identity. Authorization (B)
determines access rights. Auditing (D) is synonymous with accounting in this context.
Q5 (Version A): A company wants to ensure that if one security control fails, others remain to
protect the system. This approach aligns with which fundamental security principle?
A. Defense in depth [CORRECT]
B. Least privilege
C. Fail-safe defaults
D. Open design
Correct Answer: A
Rationale: Defense in depth implements multiple overlapping security layers so that the failure
of one control does not compromise the entire system (A). Least privilege (B) limits access
rights. Fail-safe defaults (C) deny access by default. Open design (D) means security isn't based
on secrecy.
Q6 (Version A): In the NIST Secure Software Development Framework (SSDF), which practice
involves defining security requirements based on risk and compliance needs?
A. Protect software
B. Prepare the organization
C. Define security requirements [CORRECT]
D. Respond to vulnerabilities
Correct Answer: C
Rationale: NIST SSDF PO.1 explicitly covers defining security requirements based on risk
tolerance, compliance, and business needs (C). Protect software (A) involves safeguarding
components. Prepare the organization (B) establishes policies. Respond to vulnerabilities (D)
handles post-deployment issues.
Q7 (Version A): A developer ensures that user passwords are never stored in plaintext and that
failed login attempts are logged. Which two security principles are being applied?
A. Confidentiality and non-repudiation
B. Integrity and availability
C. Confidentiality and accountability [CORRECT]
D. Integrity and confidentiality
Correct Answer: C
Rationale: Hashing passwords protects confidentiality; logging failed attempts supports
accountability/accounting (C). While integrity is important, these specific actions don't primarily
address integrity or availability.
Q8 (Version A): During the design phase, a team identifies that an attacker could potentially
bypass authentication by manipulating URL parameters. What SDL activity should have
prevented this?
A. Secure coding training
B. Threat modeling [CORRECT]
C. Dynamic testing
D. Deployment review
Correct Answer: B
Rationale: Threat modeling during design identifies architectural vulnerabilities like
authentication bypasses before coding begins (B). Secure coding training (A) helps but doesn't
identify design flaws. Dynamic testing (C) occurs too late. Deployment review (D) is post-
development.
Q9 (Version A): Which OWASP SAMM business function focuses on establishing security
strategy and governance?
A. Construction
B. Verification
C. Governance [CORRECT]
D. Operations
Correct Answer: C
Rationale: OWASP SAMM's Governance function covers strategy, metrics, policy, and
compliance, establishing the security program foundation (C). Construction (A) involves
development. Verification (B) covers testing. Operations (D) handles incident response and
environment management.
Q10 (Version A): A system is designed to deny all access attempts unless explicitly granted. This
implementation exemplifies which security principle?
A. Separation of duties
B. Fail-safe defaults [CORRECT]
C. Complete mediation
D. Economy of mechanism
Correct Answer: B
Rationale: Fail-safe defaults means the default state is secure—denying access unless explicitly
permitted, preventing accidental exposure (B). Separation of duties (A) splits responsibilities.
Complete mediation (C) checks permissions every time. Economy of mechanism (D) keeps
designs simple.
Q11 (Version A): A development team creates detailed scenarios describing how an attacker
might exploit the application's file upload feature to execute malicious code. What security
requirements engineering technique is being used?
A. Use case modeling
B. Abuse case development [CORRECT]