Online Access Free Secure-Software-Design Practice Test
| Exam Code: | Secure-Software-Design |
| Exam Name: | WGUSecure Software Design (KEO1) Exam |
| Certification Provider: | WGU |
| Free Question Number: | 118 |
| Posted: | Dec 13, 2025 |
The final security review determined that two low-risk security issues identified in testing are still outstanding. Developers have assured the security team that both issues can be resolved quickly once they have time to fix them. The security team is confident that developers can fix the flaws in the first post-release patch.
What is the result of the final security review?
The security team contracts with an independent security consulting firm to simulate attacks on deployed products and report results to organizational leadership.
Which category of secure software best practices is the team performing?
Automated security testing was performed by attempting to log in to the new product with a known username using a collection of passwords. Access was granted after a few hundred attempts.
How should existing security controls be adjusted to prevent this in the future?
What is the privacy impact rating of an application that stores personally identifiable information, monitors users with ongoing transfers of anonymous data, and changes settings without notifying the user?
The organization is moving from a waterfall to an agile software development methodology, so the software security group must adapt the security development life cycle as well. They have decided to break out security requirements and deliverables to fit better in the iterative life cycle by defining every-sprint requirements, one- time requirements, bucket requirements, and final security review requirements.
Which type of requirement slates that the team must identify primary security and privacy contacts?