Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

WGU (D487, KEO1) Secure Software Design Exam - Topic 2 Question 7 Discussion

Actual exam question for WGU's WGU (D487, KEO1) Secure Software Design exam
Question #: 7
Topic #: 2
[All WGU (D487, KEO1) Secure Software Design Questions]

The software security group is conducting a maturity assessment using the Building Security in Maturity Model (BSIMM). They are currently focused on reviewing attack models created during recently completed initiatives.

Which BSIMM domain is being assessed?

Show Suggested Answer Hide Answer
Suggested Answer: C

The Intelligence domain in the Building Security in Maturity Model (BSIMM) focuses on gathering and using information about software security. This includes understanding the types of attacks that are possible against the software being developed, which is why reviewing attack models falls under this domain. The BSIMM domain of Intelligence involves creating models of potential attacks on software (attack models), analyzing actual attacks that have occurred (attack intelligence), and sharing this information to improve security measures. By reviewing attack models, the software security group is essentially assessing the organization's ability to anticipate and understand potential security threats, which is a key aspect of the Intelligence domain.


by Lina at Mar 03, 2026, 06:11 AM

Limited Time Offer

25%

Off

Get Premium WGU (D487, KEO1) Secure Software Design Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Walker
15 days ago
Wait, are we sure it's not D) Deployment?
upvoted 0 times
...
Bernardo
20 days ago
Seems like A) Governance could fit too.
upvoted 0 times
...
Nelida
26 days ago
I thought it was B) SSDL touchpoints!
upvoted 0 times
...
Latonia
1 month ago
Definitely C) Intelligence, right?
upvoted 0 times
...
Kattie
1 month ago
I feel like this is definitely about the Intelligence domain, but I might be mixing it up with something else we studied.
upvoted 0 times
...
Verona
1 month ago
Governance seems like a possibility too, but I can't recall if it specifically covers attack models.
upvoted 0 times
...
Marsha
2 months ago
I remember practicing a question about SSDL touchpoints, but this one feels different since it's more about reviewing models.
upvoted 0 times
...
Daniela
2 months ago
I think the focus on attack models might relate to the Intelligence domain, but I'm not entirely sure.
upvoted 0 times
...
Eun
2 months ago
I’m leaning towards the Intelligence domain too, but I could see how it might connect to Deployment if they’re assessing how those models are applied.
upvoted 0 times
...
Noelia
2 months ago
I feel like I’ve seen a question similar to this before, and it was about Governance. But attack models seem more tactical, so maybe it’s not that.
upvoted 0 times
...
Celeste
2 months ago
I remember something about SSDL touchpoints being related to the development process, but this seems more focused on the analysis of threats.
upvoted 0 times
...
Muriel
2 months ago
I think this might relate to the Intelligence domain since they’re reviewing attack models, but I’m not entirely sure.
upvoted 0 times
...

Save Cancel