WGU D487 SECURE SW DESIGN OA EXAM 2024 ACTUAL
EXAM COMPLETE ACCURATE EXAM QUESTIONS WITH
DETAILED VERIFIED ANSWERS
Which practice in the Ship (A5) phase of the security development cycle verifies whether the
product meets security mandates? - (ANSWERS)A5 policy compliance analysis
Which post-release support activity defines the process to communicate, identify, and alleviate
security threats? - (ANSWERS)PRSA1: External vulnerability disclosure response
What are two core practice areas of the OWASP Security Assurance Maturity Model
(OpenSAMM)? - (ANSWERS)Governance, Construction
Which practice in the Ship (A5) phase of the security development cycle uses tools to identify
weaknesses in the product? - (ANSWERS)Vulnerability scan
Which post-release support activity should be completed when companies are joining
together? - (ANSWERS)Security architectural reviews
Which of the Ship (A5) deliverables of the security development cycle are performed during the
A5 policy compliance analysis? - (ANSWERS)Analyze activities and standards
Which of the Ship (A5) deliverables of the security development cycle are performed during the
code-assisted penetration testing? - (ANSWERS)white-box security test
Which of the Ship (A5) deliverables of the security development cycle are performed during the
open-source licensing review? - (ANSWERS)license compliance
Which of the Ship (A5) deliverables of the security development cycle are performed during the
final security review? - (ANSWERS)Release and ship
How can you establish your own SDL to build security into a process appropriate for your
organization's needs based on agile? - (ANSWERS)iterative development
How can you establish your own SDL to build security into a process appropriate for your
organization's needs based on DevOps? - (ANSWERS)continuous integration and continuous
deployments
How can you establish your own SDL to build security into a process appropriate for your
organization's needs based on cloud? - (ANSWERS)API invocation processes
How can you establish your own SDL to build security into a process appropriate for your
organization's needs based on digital enterprise? - (ANSWERS)enables and improves business
activities
Which phase of penetration testing allows for remediation to be performed? - (ANSWERS)Deploy
Which key deliverable occurs during post-release support? - (ANSWERS)third-party reviews
Which business function of OpenSAMM is associated with governance? - (ANSWERS)Policy and
compliance
Which business function of OpenSAMM is associated with construction? - (ANSWERS)Threat
assessment
Which business function of OpenSAMM is associated with verification? - (ANSWERS)Code
review
Which business function of OpenSAMM is associated with deployment? -
(ANSWERS)Vulnerability management
What is the product risk profile? - (ANSWERS)A security assessment deliverable that estimates
the actual cost of the product.
A software security team member has been tasked with creating a deliverable that provides
details on where and to what degree sensitive customer information is collected, stored, or
created within a new product offering. What does the team member need to deliver in order to
meet the objective? - (ANSWERS)Privacy impact assessment
What is the first phase in the security development life cycle? - (ANSWERS)A1 Security
Assessment
What are the three areas of compliance requirements? - (ANSWERS)Legal, financial, and
industry standards
What term refers to how the system should function based on the environment in which the
system will operate? - (ANSWERS)operational requirements
During what phase of SDL do all key stakeholders discuss, identify, and have common
understandings of the security and privacy implications, considerations, and requirements? -
(ANSWERS)A1 Security Assessment