Solutions
SMTP (Simple Mail Transfer Protocol) Correct Answer - A protocol
used for sending and receiving email over the internet. It defines how email
messages are transmitted between servers.
SIEM (Security Information and Event Management) Correct Answer - A
software solution that aggregates and analyzes security data from across an
organization's IT infrastructure to provide real-time alerts, reports, and
security insights.
Layer Support Correct Answer - Refers to the different levels of security
controls implemented in a multi-layered security approach, typically aligning
with the OSI model.
Code Sign Testing Correct Answer - The process of verifying the
integrity and authenticity of software through digital signatures to ensure it
has not been altered or corrupted.
OWASP (Open Web Application Security Project) Correct Answer - An
open-source project aimed at improving the security of software by providing
resources, guidelines, and tools to developers and organizations.
SAST (Static Application Security Testing) Correct Answer - A white-box
testing methodology that analyzes source code for security vulnerabilities
without executing the program.
DAST (Dynamic Application Security Testing) Correct Answer - A
black-box testing approach that examines a running application to find
vulnerabilities during its execution.
IAST (Interactive Application Security Testing) Correct Answer -
Combines elements of SAST and DAST by analyzing applications during
runtime with insights from code-level instrumentation.
MAST (Mobile Application Security Testing) Correct Answer - Focuses
on testing the security of mobile applications, employing both static and
dynamic analysis methods.
MDM (Mobile Device Management) Correct Answer - A security
software solution that allows IT administrators to manage, secure, and
enforce policies on mobile devices used within an organization.
Virtual Network Peering Correct Answer - The process of connecting
two virtual networks in a cloud environment to allow them to communicate
privately, typically without going through the public internet.
NAT (Network Address Translation) Correct Answer - A method used in
networking to translate private IP addresses to a public IP address, allowing
multiple devices on a local network to access the internet using a single public
address.
Reverse Proxy Correct Answer - A server that sits between client devices
and web servers, forwarding client requests to the appropriate server and
returning the server's response to the client, often used for load balancing and
security.
OAuth Correct Answer - An open standard for access delegation,
commonly used for token-based authentication to allow third-party
applications to access user data without sharing credentials.
LDAP/SAML Correct Answer - Protocols used for securing directory
services and exchanging authentication and authorization data. LDAP
(Lightweight Directory Access Protocol) over SSL (LDAPS) is used for secure
communications, while SAML (Security Assertion Markup Language) is used
for single sign-on.
Operational vs Tactical vs Strategic Correct Answer - Operational:
Day-to-day activities and processes that ensure security measures are
implemented effectively.
Tactical: Short-term actions and plans designed to support operational
activities and address immediate security concerns.
Strategic: Long-term goals and policies that guide the overall direction of an
organization's security posture.