WGU D487 PRE-ASSESSMENT: SECURE SOFTWARE
DESIGN (KEO1) (PKEO) ACTUAL EXAM || MOST
RECENT EXAM 2026-2027 ACTUAL COMPLETE
REAL EXAM QUESTIONS AND CORRECT
ANSWERS (VERIFIED ANSWERS) ALREADY
GRADED A+ | GUARANTEED SUCCESS!!
NEWEST EXAM | JUST RELEASED!!
The DREAD methodology has been used to classify an
identified exploit where: the attacker could log in as an
administrator (damage potential) the attacker could log in at
any time (reproducibility) almost anybody could perform the
attack (exploitability) all system users could be affected
(affected users)
any person who knows how to open dev tools in a browser
could find the vulnerability (discoverability)
Which rating should be assigned to the exploit after
performing an analysis using a ternary ranking scale where
high risk = 3 points, medium risk = 2 points, and low risk = 1
point? - ANSWER-High risk
What is the recommended way to mitigate a threat
identified during threat
modeling? - ANSWER-Apply a standard accepted
countermeasure
, The organization's testing team has created a catalog of test
cases using the source code and design documentation of the
new product. Each test case will be executed for each user role
in the new product. Which type of security testing technique is
being performed? - ANSWER-White-box
Security team members have been instructed to document
which developers
and analysts will perform product testing and which tools they
will use. Which
step of the security test plan is being performed? - ANSWER-
Identify internal
resources
Security team members have been instructed to document how
many users will access the new product and what roles those
users will play. Which step of the security test plan is being
performed? - ANSWER-Define the user community
The project team received a SonarQube report of their most
recent stage deployment that contains 15 vulnerabilities that
must be fixed before the product may be released to
production. Which security testing technique is being used?
- ANSWER-Source-code analysis
What is the application of multiple layers of protection so
that, if one layer is
breached, the next layer provides protection? - ANSWER-
Defense in depth
DESIGN (KEO1) (PKEO) ACTUAL EXAM || MOST
RECENT EXAM 2026-2027 ACTUAL COMPLETE
REAL EXAM QUESTIONS AND CORRECT
ANSWERS (VERIFIED ANSWERS) ALREADY
GRADED A+ | GUARANTEED SUCCESS!!
NEWEST EXAM | JUST RELEASED!!
The DREAD methodology has been used to classify an
identified exploit where: the attacker could log in as an
administrator (damage potential) the attacker could log in at
any time (reproducibility) almost anybody could perform the
attack (exploitability) all system users could be affected
(affected users)
any person who knows how to open dev tools in a browser
could find the vulnerability (discoverability)
Which rating should be assigned to the exploit after
performing an analysis using a ternary ranking scale where
high risk = 3 points, medium risk = 2 points, and low risk = 1
point? - ANSWER-High risk
What is the recommended way to mitigate a threat
identified during threat
modeling? - ANSWER-Apply a standard accepted
countermeasure
, The organization's testing team has created a catalog of test
cases using the source code and design documentation of the
new product. Each test case will be executed for each user role
in the new product. Which type of security testing technique is
being performed? - ANSWER-White-box
Security team members have been instructed to document
which developers
and analysts will perform product testing and which tools they
will use. Which
step of the security test plan is being performed? - ANSWER-
Identify internal
resources
Security team members have been instructed to document how
many users will access the new product and what roles those
users will play. Which step of the security test plan is being
performed? - ANSWER-Define the user community
The project team received a SonarQube report of their most
recent stage deployment that contains 15 vulnerabilities that
must be fixed before the product may be released to
production. Which security testing technique is being used?
- ANSWER-Source-code analysis
What is the application of multiple layers of protection so
that, if one layer is
breached, the next layer provides protection? - ANSWER-
Defense in depth
