WGU D487 SECURE SW DESIGN OA EXAM 2025 ACTUAL EXAM COMPLETE ACCURATE EXAM QUESTIONS WITH DETAILED VERIFIED ANSWERS (100% CORRECT ANSWERS) / ALREADY GRADED A+
Study online at https://quizlet.com/_io41hp
1. Which practice in the Ship (A5) phase of the security development cycle verifies whether the product meets security mandates?
   Answer: A5 policy compliance analysis

2. Which post-release support activity defines the process to communicate, identify, and alleviate security threats?
   Answer: PRSA1: External vulnerability disclosure response

3. What are two core practice areas of the OWASP Security Assurance Maturity Model (OpenSAMM)?
   Answer: Governance, Construction

4. Which practice in the Ship (A5) phase of the security development cycle uses tools to identify weaknesses in the product?
   Answer: Vulnerability scan

5. Which post-release support activity should be completed when companies are joining together?
   Answer: Security architectural reviews

6. Which of the Ship (A5) deliverables of the security development cycle are performed during the A5 policy compliance analysis?
   Answer: Analyze activities and standards

7. Which of the Ship (A5) deliverables of the security development cycle are performed during the code-assisted penetration testing?
   Answer: white-box security test

8. Which of the Ship (A5) deliverables of the security development cycle are performed during the open-source licensing review?
   Answer: license compliance

9. Which of the Ship (A5) deliverables of the security development cycle are performed during the final security review?
   Answer: Release and ship

10. How can you establish your own SDL to build security into a process appropriate for your organization's needs based on agile?
    Answer: iterative development

11. How can you establish your own SDL to build security into a process appropriate for your organization's needs based on devops?
    Answer: continuous integration and continuous deployments

12. How can you establish your own SDL to build security into a process appropriate for your organization's needs based on cloud?
    Answer: API invocation processes

13. How can you establish your own SDL to build security into a process appropriate for your organization's needs based on digital enterprise?
    Answer: enables and improves business activities

14. Which phase of penetration testing allows for remediation to be performed?
    Answer: Deploy

15. Which key deliverable occurs during post-release support?
    Answer: third-party reviews

16. Which business function of OpenSAMM is associated with governance?
    Answer: Policy and compliance

17. Which business function of OpenSAMM is associated with construction?
    Answer: Threat assessment

18. Which business function of OpenSAMM is associated with verification?
    Answer: Code review

19. Which business function of OpenSAMM is associated with deployment?
    Answer: Vulnerability management

20. What is the product risk profile?
    Answer: A security assessment deliverable that estimates the actual cost of the product.

21. A software security team member has been tasked with creating a deliverable that provides details on where and to what degree sensitive customer information is collected, stored, or created within a new product offering. What does the team member need to deliver in order to meet the objective?
    Answer: Privacy impact assessment

22. What is the first phase in the security development life cycle?
    Answer: A1 Security Assessment

23. What are the three areas of compliance requirements?
    Answer: Legal, financial, and industry standards

24. What term refers to how the system should function based on the environment in which the system will operate?
    Answer: operational requirements

25. During what phase of SDL do all key stakeholders discuss, identify, and have common understandings of the security and privacy implications, considerations, and requirements?
    Answer: A1 Security Assessment