WGU D488 - CASP+ WITH COMPLETE SOLUTIONS
AND VERIFIED ANSWERS 2026.
Design Secure Network Architecture - 25% - Section 1
Identity and Access Management - A framework of policies and technologies used
to manage digital identities and control user access to a resource within an
organization
Password Policy - Rules set to enforce strong password creation and management,
including requirements for length, history, complexity, and more.
Privileged Access Management - A security practice that monitors and controls
access to critical systems and data by users with elevated access (e.g. admin
accounts)
Password Complexity - A set of rules designed to make a password stronger and
more difficult to crack or guess.
Kerberos - A network authentication protocol that uses symmetric key
cryptography to securely authenticate users and services over the network.
Mandatory Access Control (MAC) - A security model where access to resources is
determined by system-enforced policies. Access is granted based on labels or
classifications. (e.g. "Top Secret")
Attribute-Based Access Control (ABAC) - A security model where access to
resources is determined by attributes such as user role, location, time of access,
etc...
In-band authentication - A security method where authentication occurs within the
same communication channel used to access the service or system. An example
will include receiving a verification token on the same device you are using to login.
, Out-of-Band authentication - A security method where authentication occurs using
a separate communication channel from the primary one. An example includes
receiving a verification email with a code to confirm your identity.
Challenge Handshake Authentication Protocol (CHAP) - A secure authentication
protocol used to verify the identity of a user or device over the network by sending
them a "challenge" (random value) from the server to the client.
JSON Web Token - A compact, URL-safe token format used for securely
transmitting information between two parties as a JSON object.
Trusted Platform Module (TPM) - a hardware based security device used to store
cryptographic keys, passwords, and other sensitive data securely. This security
device ensures that the system hardware and software hasn't been tampered with.
Single Sign On (SSO) - An authentication process that allows users to access
multiple applications or systems using single set of credentials.
Internet Protocol Security (IPSec) - A suite of protocols used to secure IP
communications by encrypting and authenticating data packets transmitted over a
network. Commonly used in VPN's.
Simple Network Management Protocol (SNMP) - A protocol used for managing and
monitoring network devices in an IP network. Allows administrators to collect
performance data, configure devices, and receive alerts about issues or failures.
Extensible authentication protocol (EAP) - An authentication framework used to
provide various methods of user authentication over a network. It is commonly
used in wireless networks and VPN's to support different forms of authentication
like passwords, certificates, and tokens.
Open Authentication (OAuth) - A simple authentication method where access is
granted without requiring credentials or any form of authentication. Typically used
in unsecured networks such as public wi-fi.
AND VERIFIED ANSWERS 2026.
Design Secure Network Architecture - 25% - Section 1
Identity and Access Management - A framework of policies and technologies used
to manage digital identities and control user access to a resource within an
organization
Password Policy - Rules set to enforce strong password creation and management,
including requirements for length, history, complexity, and more.
Privileged Access Management - A security practice that monitors and controls
access to critical systems and data by users with elevated access (e.g. admin
accounts)
Password Complexity - A set of rules designed to make a password stronger and
more difficult to crack or guess.
Kerberos - A network authentication protocol that uses symmetric key
cryptography to securely authenticate users and services over the network.
Mandatory Access Control (MAC) - A security model where access to resources is
determined by system-enforced policies. Access is granted based on labels or
classifications. (e.g. "Top Secret")
Attribute-Based Access Control (ABAC) - A security model where access to
resources is determined by attributes such as user role, location, time of access,
etc...
In-band authentication - A security method where authentication occurs within the
same communication channel used to access the service or system. An example
will include receiving a verification token on the same device you are using to login.
, Out-of-Band authentication - A security method where authentication occurs using
a separate communication channel from the primary one. An example includes
receiving a verification email with a code to confirm your identity.
Challenge Handshake Authentication Protocol (CHAP) - A secure authentication
protocol used to verify the identity of a user or device over the network by sending
them a "challenge" (random value) from the server to the client.
JSON Web Token - A compact, URL-safe token format used for securely
transmitting information between two parties as a JSON object.
Trusted Platform Module (TPM) - a hardware based security device used to store
cryptographic keys, passwords, and other sensitive data securely. This security
device ensures that the system hardware and software hasn't been tampered with.
Single Sign On (SSO) - An authentication process that allows users to access
multiple applications or systems using single set of credentials.
Internet Protocol Security (IPSec) - A suite of protocols used to secure IP
communications by encrypting and authenticating data packets transmitted over a
network. Commonly used in VPN's.
Simple Network Management Protocol (SNMP) - A protocol used for managing and
monitoring network devices in an IP network. Allows administrators to collect
performance data, configure devices, and receive alerts about issues or failures.
Extensible authentication protocol (EAP) - An authentication framework used to
provide various methods of user authentication over a network. It is commonly
used in wireless networks and VPN's to support different forms of authentication
like passwords, certificates, and tokens.
Open Authentication (OAuth) - A simple authentication method where access is
granted without requiring credentials or any form of authentication. Typically used
in unsecured networks such as public wi-fi.