◍ Which access control model is best suited in an environment where
a high security level is required and where it is desired that only the
administrator grants access control?
A. DAC
B. MAC
C. Access control matrix
D. TACACS
Answer: B. MAC
◍ Which access control model provides upper and lower bounds of
access capabilities for a subject?
A. Role-based access control
B. Lattice-based access control
C. Biba access control
D. Content-dependent access control
Answer: B. Lattice-based access control
◍ How are memory cards and smart cards different?
A. Memory cards normally hold more memory than smart cards
B. Smart cards provide a two-factor authentication whereas memory
cards don't
C. Memory cards have no processing power
D. Only smart cards can be used for ATM cards
Answer: C. Memory cards have no processing power
◍ Why do buffer overflows happen? What is the main cause?
A. Because buffers can only hold so much data
B. Because of improper parameter checking within the application
C. Because they are an easy weakness to exploit
D. Because of insufficient system memory
Answer: B. Because of improper parameter checking within the application
◍ What is the main focus of the Bell-LaPadula security model?
A. Accountability
B. Integrity
C. Confidentiality
D. Availability
Answer: C. Confidentiality
◍ Which of the following statements pertaining to the Bell-LaPadula
is TRUE if you are NOT making use of the strong star property?
A. It allows "read up."
B. It addresses covert channels.
C. It addresses management of access controls.
D. It allows "write up."
Answer: D. It allows "write up."
◍ Which security model introduces access to objects only through
programs?
A. The Biba model
B. The Bell-LaPadula model
C. The Clark-Wilson model
D. The information flow model
Answer: C. The Clark-Wilson model
◍ Which security model ensures that actions that take place at a
higher security level do not affect actions that take place at a lower
level?
A. The Bell-LaPadula model
B. The information flow model
C. The noninterference model
D. The Clark-Wilson model
Answer: C. The noninterference model
◍ Which of the following security models does NOT concern itself
with the flow of data?
A. The information flow model
B. The Biba model
C. The Bell-LaPadula model
D. The noninterference model
Answer: D. The noninterference model
◍ What Orange Book security rating is reserved for systems that have
been evaluated but fail to meet the criteria and requirements of the
higher divisions?
A. A
B. D
C. E
D. F
Answer: B. D
◍ Which division of the Orange Book deals with discretionary
protection (need-to-know)?
A. D
B. C
C. B
D. A
Answer: B. C
◍ Which of the following are not Remote Access concerns?
A. Justification for remote access
B. Auditing of activities
C. Regular review of access privileges
D. Access badges
Answer: D. Access badges
◍ Smart cards are an example of which type of control?
A. Detective control
B. Administrative control
C. Technical control
D. Physical control
Answer: C. Technical control
◍ What security model is dependent on security labels?
A. Discretionary access control