2025/2026 WITH COMPLETE ACCURATE QUESTIONS WITH
ANSWERS / VERIFIED/UPDATE / GRADED A+
What SDL security assessment deliverable is used as an input
to an SDL architecture process? - ---Answers=-=-threat
profile
What is alpha level testing? - ---Answers=-=-testing done by
the developers themselves
What is beta level testing? - ---Answers=-=-testing done by
those not familiar with the actual development of the system
What is black box testing? - ---Answers=-=-tests from an
external perspective with no prior knowledge of the software
What is the third phase of the security development life cycle,
in which you analyze and test software to determine security
and privacy issues as you make informed decisions moving
forward with your software? - ---Answers=-=-A3 Design and
Development
What are external resources? - ---Answers=-=-resources
hired on a temporary basis to come into a project, test the
application, and report findings
What are functional testing scripts? - ---Answers=-=-step-by-
step instructions for a specific scenario or situation
What is gray box testing? - ---Answers=-=-analyzes the
source code for the software to help design the test cases
What are internal resources? - ---Answers=-=-resources
from the company's organization
What are secure testing scripts? - ---Answers=-=-scripts
created specifically for the application being tested
What is white box testing? - ---Answers=-=-tests from an
internal perspective with full knowledge of the software
Which software security testing technique tests the software
from an external perspective? - ---Answers=-=-black box
What testing tests with no prior knowledge of the software?
During this phase, only binary executable or intermediate byte
code is analyzed. - ---Answers=-=-black box
What is phase four of the SDL? - ---Answers=-=-A4 Design
and Development CONT
What is an open-source platform that can perform automatic
reviews with static analysis of code to detect bugs, code
smells, and security vulnerabilities in over 25 programming
languages? - ---Answers=-=-SonarQube
What is analysis of computer software that is performed
without actually executing programs? - ---Answers=-=-static
analysis
What identifies inputs and supplies those to the scanning
components of the security tool? - ---Answers=-=-Spider
Type of request to merge your code into another branch... - ---
Answers=-=-pull request
What silently analyzes all the hypertext transfer protocol
(HTTP) requests and responses passing through the web
application security tool? - ---Answers=-=-passive scanner
Type of test done by the development tester to continually
assess the quality of his or her work... - ---Answers=-=-
exploratory test
Type of application security testing to identify vulnerabilities
within a product application - ---Answers=-=-dynamic
analysis
After the developer is done coding a functionality, when should
code review be completed? - ---Answers=-=-Within
hours/same day