WGU-KEO1 Exam Details

  • Exam Code
    :WGU-KEO1
  • Exam Name
    :WGU Secure Software Design (D487, KEO1)
  • Certification
    :WGU University Certifications
  • Vendor
    :WGU University
  • Total Questions
    :133 Q&As
  • Last Updated
    :Jul 09, 2026

WGU University WGU-KEO1 Online Questions & Answers

  • Question 121:

    Which question reflects the security change management component of the change management process?

    A. How critical is the software to meeting the customers' mission?
    B. What threats are possible in the environment where the software will be operating?
    C. Which security objectives are required by the software?
    D. How is remote administration secured?

  • Question 122:

    Which secure coding best practice says to require authentication before allowing any files to be uploaded and to limit the types of files to only those needed for the business purpose?

    A. File management
    B. Communication security
    C. Data protection
    D. Memory management

  • Question 123:

    Which software control test examines an application from a user perspective by providing a wide variety of input scenarios and inspecting the output?

    A. Dynamic
    B. Black box
    C. Static
    D. White box

  • Question 124:

    What is a countermeasure to the web application security frame (ASF) data validation/parameter validation threat category?

    A. Inputs enforce type, format, length, and range checks.
    B. All administrative activities are logged and audited.
    C. Sensitive information is not logged.
    D. All exceptions are handled in a structured way.

  • Question 125:

    While performing functional testing of the ordering feature in the new product, a tester noticed that the order object was transmitted to the POST endpoint of the API as a human-readable JSON object. How should existing security controls be adjusted to prevent this in the future?

    A. Ensure passwords and private information are not logged
    B. Ensure sensitive transactions can be traced through an audit log
    C. Ensure the contents of authentication cookies are encrypted
    D. Ensure all requests and responses are encrypted

  • Question 126:

    Recent vulnerability scans discovered that the organization's production web servers were responding to ping requests with server type, version, and operating system, which hackers could leverage to plan attacks. How should the organization remediate this vulnerability?

    A. Ensure servers are configured to return as little information as possible to network requests
    B. Ensure servers are regularly updated with the latest security patches
    C. Always uninstall or disable features that are not required
    D. Access to configuration files is limited to administrators

  • Question 127:

    Which mitigation technique can be used to light against a threat where a user may gain access to administrator level functionality?

    A. Encryption
    B. Quality of service
    C. Hashes
    D. Run with least privilege

  • Question 128:

    Which secure software design principle states that it is always safer to require agreement of more than one entity to make a decision?

    A. Least Privilege
    B. Total Mediation
    C. Separation of Privileges
    D. Psychological Acceptability

  • Question 129:

    The security team has received notice of an insecure direct object reference vulnerability in a third-party component library that could result in remote code execution. The component library was replaced and is no longer being used within the application. How should the organization remediate this vulnerability?

    A. Ensure Sensitive Information Is Not Logged
    B. Ensure Auditing and Logging Is Enabled on All Servers
    C. Access to Configuration Files Is Limited to Administrators
    D. Enforce the Removal of Unused Dependencies

  • Question 130:

    Which secure coding practice involves clearing all local storage as soon as a user logs of for the night and will automatically log a user out after an hour of inactivity?

    A. Access control
    B. System configuration
    C. Communication security
    D. Session management

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only WGU University exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your WGU-KEO1 exam preparations and WGU University certification application, do not hesitate to visit our Vcedump.com to find your solutions here.