Weekend Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: Board70

Secure-Software-Design Exam Dumps - WGU Courses and Certificates Questions and Answers

Question # 24

Which type of manual code review technique is being used when the reviewer starts at an input control and traces its value through the application to each of the value's outputs?

Options:

A.

Risk analysis

B.

Control flow analysis

C.

Data flow analysis

D.

Threat analysis

Buy Now
Question # 25

Which secure coding best practice says to require authentication before allowing any files to be uploaded and to limit the types of files to only those needed for the business purpose?

Options:

A.

File management

B.

Communication security

C.

Data protection

D.

Memory management

Buy Now
Question # 26

The security team has received notice of an insecure direct object reference vulnerability in a third-party component library that could result in remote code execution. The component library was replaced and is no longer being used within the application.

How should the organization remediate this vulnerability?

Options:

A.

Ensure Sensitive Information Is Not Logged

B.

Ensure Auditing and Logging Is Enabled on All Servers

C.

Access to Configuration Files Is Limited to Administrators

D.

Enforce the Removal of Unused Dependencies

Buy Now
Question # 27

The software security group is conducting a maturity assessment using the Open Web Application Security Project Software Assurance Maturity Model (OWASP SAMM). They are currently focused on reviewing design artifacts to ensure they comply with organizational security standards.

Which OpenSAMM business function is being assessed?

Options:

A.

Verification

B.

Construction

C.

Deployment

D.

Governance

Buy Now
Question # 28

Which type of security analysis is performed by reviewing source code line-by-line after other security analysis techniques have been executed?

Options:

A.

Dynamic Analysis

B.

Static Analysis

C.

Manual Code Review

D.

Fuzz Testing

Buy Now
Question # 29

A software security team recently completed an internal assessment of the company's security assurance program. The team delivered a set of scorecards to leadership along with proposed changes designed to improve low-scoring governance, development, and deployment functions.

Which software security maturity model did the team use?

Options:

A.

Building Security In Maturity Model (BSIMM)

B.

Open Web Application Security Project (OWASP) Open Software Assurance Maturity Model (SAMM)

C.

U.S. Department of Homeland Security Software Assurance Program

D.

International Organization for Standardization ISO/IEC 27034

Buy Now
Question # 30

Company leadership has discovered an untapped revenue stream within its customer base and wants to meet with IT to share its vision for the future and determine whether to move forward.

Which phase of the software development lifecycle (SDLC) is being described?

Options:

A.

Implementation

B.

Design

C.

Planning

D.

Requirements

Buy Now
Question # 31

The security team is reviewing whether changes or open issues exist that would affect requirements for handling personal information documented in earlier phases of the development life cycle.

Which activity of the Ship SDL phase is being performed?

Options:

A.

Vulnerability scan

B.

Final security review

C.

Open-source licensing review

D.

Final privacy review

Buy Now
Question # 32

Which architecture deliverable identifies the organization's tolerance to security issues and how the organization plans to react if a security issue occurs?

Options:

A.

Threat Modeling Artifacts

B.

Risk Mitigation Plan

C.

Business Requirements

D.

Policy Compliance Analysis

Buy Now
Question # 33

What is the protection of information and information systems from unauthorized access, use, disclosure, disruption, modification, or distribution to provide confidentiality, integrity, and availability?

Options:

A.

Availability

B.

Integrity

C.

Confidentiality

D.

Information Security

Buy Now
Exam Name: WGU Secure Software Design (D487) Exam
Last Update: Mar 15, 2025
Questions: 113
Secure-Software-Design pdf

Secure-Software-Design PDF

$25.5  $84.99
Secure-Software-Design Engine

Secure-Software-Design Testing Engine

$28.5  $94.99
Secure-Software-Design PDF + Engine

Secure-Software-Design PDF + Testing Engine

$40.5  $134.99