1|Page
WGU C954 INFORMATION TECHNOLOGY
MANAGEMENT OBJECTIVE ASSESSMENT FINAL
ACTUAL EXAM LATEST 2025/ 2026 ACTUAL EXAM
WITH COMPLETE QUESTIONS AND CORRECT
DETAILED ANSWERS WITH RATIONALES (100%
VERIFIED ANSWERS) |ALREADY GRADED A+|
||VERIFIED!!|| ||LATEST EXAM!!!||
DRAG DROP A security administrator wants to implement
strong security on the company smart phones and
terminal servers located in the data center. Drag and drop
the applicable controls to each asset types. Instructions:
Controls can be used multiple times and not all
placeholders need to be filled. When you have completed
the simulation, please select the Done button to submit.
Select and Place: - Answer-Explanation:Company
Manages Smart Phone
Screen Lock Strong Password Device Encryption Remote
Wipe GPS Tracking Pop-up blocker
Data Center Terminal Server
Cable Locks Antivirus Host Based Firewall Proximity
Reader Sniffer Mantrap
,2|Page
HOTSPOT Select the appropriate attack from each drop
down list to label the corresponding illustrated attack.
Instructions: Attacks may only be used once, and will
disappear from drop down list if selected. When you have
completed the simulation, please select the Done button to
submit.
Hot Area: Explanation
1: Spear phishing is an e-mail spoofing fraud attempt that
targets a specific organization, seeking unauthorized
access to confidential data. As with the e-mail messages
used in regular phishing expeditions, spear phishing
messages appear to come from a trusted source. Phishing
messages usually appear to come from a large and well-
known company or Web site with a broad membership
base, such as eBay or PayPal. In the case of spear
phishing, however, the apparent source of the e-mail is
likely to be an individual within the recipient's own
company and generally someone in a position of authority.
2: The Hoax in this question is designed to make people
believe that the fake AV (anti-virus) software is genuine.
3: Vishing is the act of using the telephone in an attempt to
scam the user into surrendering private information that
,3|Page
will be used for identity theft. The scammer usually
pretends to be a legitimate business, and fools the victim
into thinking he or she will profit.
4: Phishing is the act of sending an email to a user falsely
claiming to be an established legitimate enterprise in an
attempt to scam the user into surrendering private
information that will be used for identity theft.
Phishing email will direct the user to visit a website where
they are asked to update perso
QUESTION 3
DRAG DROP You have been tasked with designing a
security plan for your company. Drag and drop the
appropriate security controls on the floor plan. Instructions:
All objects must be used and all place holders must be
filled. Order does not matter. When you have completed
the simulation, please select the Done button to submit.
Select and Place: - Answer-Explanation:
Cable locks -Adding a cable lock between a laptop and a
desk prevents someone from picking it up and walking
away Proximity badge + reader Safe is a
hardware/physical security measure Mantrap can be used
to control access to sensitive areas. CCTV can be used as
, 4|Page
video surveillance. Biometric reader can be used to control
and prevent unauthorized access. Locking cabinets can
be used to protect backup media, documentation and
other physical artefacts.
QUESTION 4
Which of the following would a security specialist be able
to determine upon examination of a server's certificate?
A. CA public key
B. Server private key
C. CSR
D. OID - Answer-D
QUESTION 5
A security analyst is diagnosing an incident in which a
system was compromised from an external IP address.
The socket identified on the firewall was traced to
207.46.130.0:6666. Which of the following should the
security analyst do to determine if the compromised
system still has an active connection?
A. tracert
B. netstat
WGU C954 INFORMATION TECHNOLOGY
MANAGEMENT OBJECTIVE ASSESSMENT FINAL
ACTUAL EXAM LATEST 2025/ 2026 ACTUAL EXAM
WITH COMPLETE QUESTIONS AND CORRECT
DETAILED ANSWERS WITH RATIONALES (100%
VERIFIED ANSWERS) |ALREADY GRADED A+|
||VERIFIED!!|| ||LATEST EXAM!!!||
DRAG DROP A security administrator wants to implement
strong security on the company smart phones and
terminal servers located in the data center. Drag and drop
the applicable controls to each asset types. Instructions:
Controls can be used multiple times and not all
placeholders need to be filled. When you have completed
the simulation, please select the Done button to submit.
Select and Place: - Answer-Explanation:Company
Manages Smart Phone
Screen Lock Strong Password Device Encryption Remote
Wipe GPS Tracking Pop-up blocker
Data Center Terminal Server
Cable Locks Antivirus Host Based Firewall Proximity
Reader Sniffer Mantrap
,2|Page
HOTSPOT Select the appropriate attack from each drop
down list to label the corresponding illustrated attack.
Instructions: Attacks may only be used once, and will
disappear from drop down list if selected. When you have
completed the simulation, please select the Done button to
submit.
Hot Area: Explanation
1: Spear phishing is an e-mail spoofing fraud attempt that
targets a specific organization, seeking unauthorized
access to confidential data. As with the e-mail messages
used in regular phishing expeditions, spear phishing
messages appear to come from a trusted source. Phishing
messages usually appear to come from a large and well-
known company or Web site with a broad membership
base, such as eBay or PayPal. In the case of spear
phishing, however, the apparent source of the e-mail is
likely to be an individual within the recipient's own
company and generally someone in a position of authority.
2: The Hoax in this question is designed to make people
believe that the fake AV (anti-virus) software is genuine.
3: Vishing is the act of using the telephone in an attempt to
scam the user into surrendering private information that
,3|Page
will be used for identity theft. The scammer usually
pretends to be a legitimate business, and fools the victim
into thinking he or she will profit.
4: Phishing is the act of sending an email to a user falsely
claiming to be an established legitimate enterprise in an
attempt to scam the user into surrendering private
information that will be used for identity theft.
Phishing email will direct the user to visit a website where
they are asked to update perso
QUESTION 3
DRAG DROP You have been tasked with designing a
security plan for your company. Drag and drop the
appropriate security controls on the floor plan. Instructions:
All objects must be used and all place holders must be
filled. Order does not matter. When you have completed
the simulation, please select the Done button to submit.
Select and Place: - Answer-Explanation:
Cable locks -Adding a cable lock between a laptop and a
desk prevents someone from picking it up and walking
away Proximity badge + reader Safe is a
hardware/physical security measure Mantrap can be used
to control access to sensitive areas. CCTV can be used as
, 4|Page
video surveillance. Biometric reader can be used to control
and prevent unauthorized access. Locking cabinets can
be used to protect backup media, documentation and
other physical artefacts.
QUESTION 4
Which of the following would a security specialist be able
to determine upon examination of a server's certificate?
A. CA public key
B. Server private key
C. CSR
D. OID - Answer-D
QUESTION 5
A security analyst is diagnosing an incident in which a
system was compromised from an external IP address.
The socket identified on the firewall was traced to
207.46.130.0:6666. Which of the following should the
security analyst do to determine if the compromised
system still has an active connection?
A. tracert
B. netstat
