PRACTICE EXAMINATION ACTUAL
QUESTIONS ASSESSMENT 2026 DETAILED
QUESTIONS WITH VERY ELABORATED
CORRECTLY DEFINED SOLUTIONS WELL
ARRANGED GRADED A
⩥ What ensures that the user has the appropriate role and privilege to
view data? Answer: Authorization
⩥ Which security goal is defined by "guarding against improper
information modification or destruction and ensuring information non-
repudiation and authenticity"? Answer: Integrity
⩥ Which phase in an SDLC helps to define the problem and scope of
any existing systems and determine the objectives of new systems?
Answer: Planning
⩥ What happens during a dynamic code review? Answer: Programmers
monitor system memory, functional behavior, response times, and
overall performance.
⩥ How should you store your application user credentials in your
application database? Answer: Store credentials using salted hashes
⩥ Which software methodology resembles an assembly-line approach?
Answer: Waterfall model
⩥ Which software methodology approach provides faster time to market
and higher business value? Answer: Agile model
⩥ In Scrum methodology, who is responsible for making decisions on
the requirements? Answer: Product Owner
⩥ What is the product risk profile? Answer: A security assessment
deliverable that estimates the actual cost of the product
⩥ A software security team member has been tasked with creating a
deliverable that provides details on where and to what degree sensitive
customer information is collected, stored, or created within a new
product offering.
What does the team member need to deliver in order to meet the
objective? Answer: Privacy impact assessment
⩥ A software security team member has been tasked with creating a
threat model for the login process of a new product. What is the first step
the team member should take? Answer: Identify security objectives
⩥ What are three parts of the STRIDE methodology? Answer: Spoofing,
Elevation, Tampering
⩥ What is the reason software security teams host discovery meetings
with stakeholders early in the development life cycle? Answer: To
ensure that security is built into the product from the start
⩥ Why should a security team provide documented certification
requirements during the software assessment phase? Answer: Depending
on the environment in which the product resides, certifications may be
required by corporate or government entities before the software can be
released to customers.
⩥ What are two items that should be included in the privacy impact
assessment plan regardless of which methodology is used? Answer:
Required process steps & Technologies and techniques
⩥ What are the goals of each SDL deliverable? - Product Risk Profile
Answer: Estimate the actual cost of the product