1|Page
WGU - D487 OA EXAM | {LATEST 2026/ 2027
UPDATE} COMPLETE ACTUAL AND AUTHENTIC
EXAM | BRAND NEW!
What is the purpose of the Product risk profile deliverable in Security
Assessment (A1)? ......ANSWER......To estimate the actual cost of the
product.
What is the goal of the SDL project outline in Security Assessment (A1)?
......ANSWER......To map SDL activities to the development schedule.
Why are Applicable laws and regulations important in Security
Assessment (A1)? ......ANSWER......To obtain formal sign-off from
stakeholders on applicable laws.
What is the purpose of the Threat profile in Security Assessment (A1)?
......ANSWER......To guide SDL activities to mitigate threats.
What is the goal of the Certification requirements deliverable in
Security Assessment (A1)? ......ANSWER......To list requirements for
product and operations certifications.
pg. 1
,2|Page
Why is maintaining a List of third-party software important in Security
Assessment (A1)? ......ANSWER......To identify dependence on third-
party software.
What is the purpose of the Metrics template in Security Assessment
(A1)? ......ANSWER......To establish a cadence for regular reporting to
executives.
What is the purpose of defining Business requirements in A2
Architecture? ......ANSWER......To establish software requirements,
including Confidentiality, Integrity, and Availability (CIA).
What are Threat modeling artifacts used for in A2 Architecture?
......ANSWER......They include data flow diagrams, elements, and threat
listings to assess security risks.
What is the goal of Architecture threat analysis in A2 Architecture?
......ANSWER......To prioritize threats and risks based on a detailed
threat analysis.
What is a Risk mitigation plan in A2 Architecture? ......ANSWER......A
plan to mitigate, accept, or tolerate risk within the system.
What does Policy compliance analysis ensure in A2 Architecture?
......ANSWER......It ensures adherence to company policies and security
regulations.
pg. 2
,3|Page
What is the purpose of Updated threat modeling artifacts in A3 Design
& Development? ......ANSWER......To maintain data flow diagrams,
elements, and threat listings for security analysis.
What does a Design security review focus on in A3 Design &
Development? ......ANSWER......It includes modifications to the design
of software components based on security assessments.
What is the purpose of Security test plans in A3 Design & Development?
......ANSWER......To create a plan to mitigate, accept, or tolerate risk.
What does Updated policy compliance analysis ensure in A3 Design &
Development? ......ANSWER......It ensures adherence to company
policies.
What are Privacy implementation assessment results used for in A3
Design & Development? ......ANSWER......They provide
recommendations from privacy assessments to improve compliance.
What is the purpose of the Security test execution report in A4 Design &
Development? ......ANSWER......To review progress against identified
security test cases.
pg. 3
, 4|Page
What does Updated policy compliance analysis ensure in A4 Design &
Development? ......ANSWER......It ensures adherence to company
policies.
What is the Privacy compliance report used for in A4 Design &
Development? ......ANSWER......To validate that recommendations from
the privacy assessment have been implemented.
What are Security testing reports used for in A4 Design &
Development? ......ANSWER......They document findings from different
types of security testing.
What is the Remediation report used for in A4 Design & Development?
......ANSWER......To provide the status of the security posture of the
product.
What does Updated policy compliance analysis ensure in A5 Ship?
......ANSWER......It ensures adherence to company policies.
What are Security testing reports used for in A5 Ship?
......ANSWER......They document findings from different types of
security testing in this phase of the SDL.
What is the purpose of the Remediation report in A5 Ship?
......ANSWER......To provide the status of the security posture of the
product.
pg. 4
WGU - D487 OA EXAM | {LATEST 2026/ 2027
UPDATE} COMPLETE ACTUAL AND AUTHENTIC
EXAM | BRAND NEW!
What is the purpose of the Product risk profile deliverable in Security
Assessment (A1)? ......ANSWER......To estimate the actual cost of the
product.
What is the goal of the SDL project outline in Security Assessment (A1)?
......ANSWER......To map SDL activities to the development schedule.
Why are Applicable laws and regulations important in Security
Assessment (A1)? ......ANSWER......To obtain formal sign-off from
stakeholders on applicable laws.
What is the purpose of the Threat profile in Security Assessment (A1)?
......ANSWER......To guide SDL activities to mitigate threats.
What is the goal of the Certification requirements deliverable in
Security Assessment (A1)? ......ANSWER......To list requirements for
product and operations certifications.
pg. 1
,2|Page
Why is maintaining a List of third-party software important in Security
Assessment (A1)? ......ANSWER......To identify dependence on third-
party software.
What is the purpose of the Metrics template in Security Assessment
(A1)? ......ANSWER......To establish a cadence for regular reporting to
executives.
What is the purpose of defining Business requirements in A2
Architecture? ......ANSWER......To establish software requirements,
including Confidentiality, Integrity, and Availability (CIA).
What are Threat modeling artifacts used for in A2 Architecture?
......ANSWER......They include data flow diagrams, elements, and threat
listings to assess security risks.
What is the goal of Architecture threat analysis in A2 Architecture?
......ANSWER......To prioritize threats and risks based on a detailed
threat analysis.
What is a Risk mitigation plan in A2 Architecture? ......ANSWER......A
plan to mitigate, accept, or tolerate risk within the system.
What does Policy compliance analysis ensure in A2 Architecture?
......ANSWER......It ensures adherence to company policies and security
regulations.
pg. 2
,3|Page
What is the purpose of Updated threat modeling artifacts in A3 Design
& Development? ......ANSWER......To maintain data flow diagrams,
elements, and threat listings for security analysis.
What does a Design security review focus on in A3 Design &
Development? ......ANSWER......It includes modifications to the design
of software components based on security assessments.
What is the purpose of Security test plans in A3 Design & Development?
......ANSWER......To create a plan to mitigate, accept, or tolerate risk.
What does Updated policy compliance analysis ensure in A3 Design &
Development? ......ANSWER......It ensures adherence to company
policies.
What are Privacy implementation assessment results used for in A3
Design & Development? ......ANSWER......They provide
recommendations from privacy assessments to improve compliance.
What is the purpose of the Security test execution report in A4 Design &
Development? ......ANSWER......To review progress against identified
security test cases.
pg. 3
, 4|Page
What does Updated policy compliance analysis ensure in A4 Design &
Development? ......ANSWER......It ensures adherence to company
policies.
What is the Privacy compliance report used for in A4 Design &
Development? ......ANSWER......To validate that recommendations from
the privacy assessment have been implemented.
What are Security testing reports used for in A4 Design &
Development? ......ANSWER......They document findings from different
types of security testing.
What is the Remediation report used for in A4 Design & Development?
......ANSWER......To provide the status of the security posture of the
product.
What does Updated policy compliance analysis ensure in A5 Ship?
......ANSWER......It ensures adherence to company policies.
What are Security testing reports used for in A5 Ship?
......ANSWER......They document findings from different types of
security testing in this phase of the SDL.
What is the purpose of the Remediation report in A5 Ship?
......ANSWER......To provide the status of the security posture of the
product.
pg. 4
