
Free WGU Secure-Software-Design Practice Exam with Questions & Answers | Set: 3

Question 21

A public library needs to implement security control on publicly used computers to prevent illegal downloads.

Which security control would prevent this threat?

Options:

A. Nonrepudiation

B. Authentication

C. Integrity

D. Availability

Question 22

What is the privacy impact rating of an application that stores personally identifiable information, monitors users with ongoing transfers of anonymous data, and changes settings without notifying the user?

Options:

A. P1 high privacy risk

B. P2 moderate privacy risk

C. P3 low privacy risk

D. P4 no privacy risk

Question 23

The organization is moving from a waterfall to an agile software development methodology, so the software security group must adapt the security development life cycle as well. They have decided to break out security requirements and deliverables to fit better in the iterative life cycle by defining every-sprint requirements, one-time requirements, bucket requirements, and final security review requirements.

Which type of requirement states that the team must identify primary security and privacy contacts?

Options:

A. Final security review requirement

B. Bucket requirement

C. Every-sprint requirement

D. One-time requirement

Question 24

The product development team is preparing for the production deployment of recent feature enhancements. One morning, they noticed the amount of test data grew exponentially overnight. Most fields were filled with random characters, but some structured query language was discovered.

Which type of security development lifecycle (SDL) tool was likely being used?

Options:

A. Dynamic analysis

B. Fuzzing

C. Threat model

D. Static analysis

Question 25

Which concept is demonstrated when every module in a particular abstraction layer of a computing environment can only access the information and resources that are necessary for its legitimate purpose?

Options:

A. Privacy

B. Principle of Least Privilege

C. Elevation of Privilege

D. Confidentiality

Question 26

Which type of security analysis is limited by the fact that a significant time investment of a highly skilled team member is required?

Options:

A. Fuzz testing

B. Dynamic code analysis

C. Manual code review

D. Static code analysis

Question 27

Which threat modeling step assigns a score to discovered threats?

Options:

A. Rate Threats

B. Analyze the Target

C. Identify and Document Threats

D. Set the Scope

Question 28

Which privacy impact statement requirement type defines processes to keep personal information updated and accurate?

Options:

A. Access requirements

B. Collection of personal information requirements

C. Data integrity requirements

D. Personal information retention requirements

Question 29

The software security group is conducting a maturity assessment using the Open Web Application Security Project Software Assurance Maturity Model (OWASP OpenSAMM). They are currently focused on reviewing design artifacts to ensure they comply with organizational security standards.

Which OpenSAMM business function is being assessed?

Options:

A. Construction

B. Deployment

C. Verification

D. Governance

Question 30

A software security team recently completed an internal assessment of the company's security assurance program. The team delivered a set of scorecards to leadership along with proposed changes designed to improve low-scoring governance, development, and deployment functions.

Which software security maturity model did the team use?

Options:

A. Building Security In Maturity Model (BSIMM)

B. Open Web Application Security Project (OWASP) Open Software Assurance Maturity Model (SAMM)

C. U.S. Department of Homeland Security Software Assurance Program

D. International Organization for Standardization ISO/IEC 27034

Certification Provider: WGU
Exam Name: WGU Secure Software Design (D487) Exam
Last Update: Jul 15, 2025
Questions: 113
