WGU D487 SECURE SW DESIGN OA EXAM NEWEST
ACTUAL 2025/2026 WITH COMPLETE ACCURATE
QUESTIONS WITH ANSWERS / VERIFIED/UPDATE /
GRADED A+
Which practice in the Ship (A5) phase of the security development cycle verifies
whether the product meets security mandates? - (ANSWER)A5 policy compliance
analysis
Which post-release support activity defines the process to communicate, identify,
and alleviate security threats? - (ANSWER)PRSA1: External vulnerability
disclosure response
What are two core practice areas of the OWASP Security Assurance Maturity
Model (OpenSAMM)? - (ANSWER)Governance, Construction
Which practice in the Ship (A5) phase of the security development cycle uses tools
to identify weaknesses in the product? - (ANSWER)Vulnerability scan
Which post-release support activity should be completed when companies are
joining together? - (ANSWER)Security architectural reviews
Which of the Ship (A5) deliverables of the security development cycle are
performed during the A5 policy compliance analysis? - (ANSWER)Analyze
activities and standards
Which of the Ship (A5) deliverables of the security development cycle are
performed during the code-assisted penetration testing? - (ANSWER)white-box
security test
Which of the Ship (A5) deliverables of the security development cycle are
performed during the open-source licensing review? - (ANSWER)license
compliance
Which of the Ship (A5) deliverables of the security development cycle are
performed during the final security review? - (ANSWER)Release and ship
How can you establish your own SDL to build security into a process appropriate
for your organization's needs based on agile? - (ANSWER)iterative development
How can you establish your own SDL to build security into a process appropriate
for your organization's needs based on DevOps? - (ANSWER)continuous
integration and continuous deployments
How can you establish your own SDL to build security into a process appropriate
for your organization's needs based on cloud? - (ANSWER)API invocation
processes
How can you establish your own SDL to build security into a process appropriate
for your organization's needs based on digital enterprise? - (ANSWER)enables
and improves business activities
Which phase of penetration testing allows for remediation to be performed? -
(ANSWER)Deploy
Which key deliverable occurs during post-release support? - (ANSWER)third-party
reviews
Which business function of OpenSAMM is associated with governance? -
(ANSWER)Policy and compliance
Which business function of OpenSAMM is associated with construction? -
(ANSWER)Threat assessment
Which business function of OpenSAMM is associated with verification? -
(ANSWER)Code review
Which business function of OpenSAMM is associated with deployment? -
(ANSWER)Vulnerability management
What is the product risk profile? - (ANSWER)A security assessment deliverable
that estimates the actual cost of the product.
A software security team member has been tasked with creating a deliverable
that provides details on where and to what degree sensitive customer
information is collected, stored, or created within a new product offering. What