U.S. Independence Day Deal! Unlock 25% OFF Today – Limited-Time Offer - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

WGU (D487, KEO1) Secure Software Design Exam - Topic 6 Question 1 Discussion

The product security incident response team (PSIRT) has decided to make a formal public disclosure, including base and temporal common vulnerability scoring system (CVSS) scores and a common vulnerabilities and exposures (CVE) ID report, of an externally discovered vulnerability.What is the most likely reason for making a public disclosure?
C) The response team has determined that the vulnerability is credible.
A) The potential for increased public awareness of a vulnerability is probable, which could lead to higher risk for customers.
B) The vulnerability reporter has threatened to make the finding public after being notified that their case was not credible.
D) Notification of a vulnerability from an external party has occurred.

WGU (D487, KEO1) Secure Software Design Exam - Topic 6 Question 1 Discussion

Actual exam question for WGU's WGU (D487, KEO1) Secure Software Design exam
Question #: 1
Topic #: 6
[All WGU (D487, KEO1) Secure Software Design Questions]

The product security incident response team (PSIRT) has decided to make a formal public disclosure, including base and temporal common vulnerability scoring system (CVSS) scores and a common vulnerabilities and exposures (CVE) ID report, of an externally discovered vulnerability.

What is the most likely reason for making a public disclosure?

Show Suggested Answer Hide Answer
Suggested Answer: C

by Basilia at Nov 23, 2025, 06:53 AM

Limited Time Offer

25%

Off

Get Premium WGU (D487, KEO1) Secure Software Design Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Sonia
2 months ago
D is also possible. Just notifying about the vulnerability is important.
upvoted 0 times
...
Kimi
2 months ago
I lean towards B. If the reporter threatened to go public, they had to act.
upvoted 0 times
...
Hailey
3 months ago
True, A is valid too. Awareness can lead to better security practices.
upvoted 0 times
...
Casey
3 months ago
But what about A? Increased awareness can help customers stay safe.
upvoted 0 times
...
Tamekia
3 months ago
I agree, C makes sense. Credibility is key for public disclosure.
upvoted 0 times
...
Leonida
3 months ago
I think it's C. They must believe the vulnerability is credible.
upvoted 0 times
...
Clare
4 months ago
I disagree, it feels like they’re just covering their backs with this disclosure.
upvoted 0 times
...
Cherelle
4 months ago
Option D makes sense; they need to inform users about external reports.
upvoted 0 times
...
Pedro
4 months ago
I'm feeling lucky, let's go with B. What could go wrong?
upvoted 0 times
...
Lettie
4 months ago
This is a no-brainer. The answer is clearly C. Who even considers B?
upvoted 0 times
...
Twana
4 months ago
D) Notification of a vulnerability from an external party has occurred.
upvoted 0 times
...
Stevie
5 months ago
C) The response team has determined that the vulnerability is credible.
upvoted 0 times
...
Lauran
5 months ago
I vaguely remember that if a reporter threatens to go public, it could push the team to disclose. That seems like a strong motivator.
upvoted 0 times
...
Adelle
5 months ago
I feel like the external notification aspect is important, but I can't recall if that alone would trigger a public disclosure.
upvoted 0 times
...
Tess
5 months ago
I think it might be related to the credibility of the vulnerability. We practiced a question where the response team had to assess if a report was valid.
upvoted 0 times
...
Stephania
5 months ago
I remember discussing how public disclosures can raise awareness, but I'm not sure if that's the main reason here.
upvoted 0 times
...
Marylin
5 months ago
Hmm, I'm a bit torn between C and D. On one hand, the team has determined the vulnerability is credible, which points to C. But the question also mentions an "externally discovered" vulnerability, so D about the notification could also be a factor. I'll have to think this through a bit more.
upvoted 0 times
...
Rebbeca
6 months ago
I feel pretty confident about this one. The public disclosure is likely happening because the vulnerability has been confirmed as credible by the response team, rather than just because of an external notification or threat. C seems like the most logical choice.
upvoted 0 times
...
Leigha
6 months ago
Surprised they’re disclosing it! Isn’t that risky for their reputation?
upvoted 0 times
...
Cristy
6 months ago
Okay, let me think this through. The key information seems to be that the PSIRT is making a formal public disclosure, which implies they've verified the issue. So I'm leaning towards C as the best answer.
upvoted 0 times
...
Geraldo
6 months ago
Public disclosure definitely raises awareness about vulnerabilities.
upvoted 0 times
...
Antonio
6 months ago
I think it's mostly about credibility. They must believe it's a real threat.
upvoted 0 times
...
Tracey
7 months ago
I'm a little confused here. Is the public disclosure happening because the vulnerability reporter threatened to go public, or because the team actually verified the issue? I'm not sure which one is the "most likely" reason.
upvoted 0 times
...
Gayla
7 months ago
Hmm, this seems like a pretty straightforward question. I think the answer is C - the response team has determined the vulnerability is credible.
upvoted 0 times
Chu
1 month ago
True, but if it's credible, they need to inform everyone.
upvoted 0 times
...
Carline
2 months ago
But what about A? Increased awareness can be risky too.
upvoted 0 times
...
Kris
2 months ago
Definitely! If they found it credible, they have to disclose.
upvoted 0 times
...
Jamal
2 months ago
I agree, C makes the most sense. Credibility is key.
upvoted 0 times
...
Jaime
7 months ago
I think C is the best choice. Transparency is important!
upvoted 0 times
...
...

Save Cancel