1|Page
WGU D337 OBJECTIVE ASSESSMENT 2 LATEST 2026
ACTUAL EXAM TEST BANK| D337 INTERNET OF
THINGS AND INFRASTRUCTURE OA EXAM WITH 400
REAL EXAM QUESTIONS AND CORRECT VERIFIED
ANSWERS/ GRADED A+ (MOST RECENT!!)
Which type of IoT detection sensor built into electric bulbs minimizes
energy usage?
A) Humidity
B) Light
C) Vibration
D) Motion - Correct Answer -D
A company plans to adopt IoT into its business operations and then go
public. The company is concerned about the financial and reputational
impact of increasing the volume of personally identifiable information
(PII) that might inadvertently be exposed, which would affect the value
of its stock.
Which two considerations should be addressed as part of the adoption
strategy?
Choose 2 answers.
1. Governance
2. Privacy
3. Security
pg. 1
,2|Page
4. Standardization
A) 1, 2
B) 1, 3
C) 2, 3
D) 3, 4 - Correct Answer -C
Which component in the Lambda architecture acts as the streaming layer
in a streaming processing system?
A) Real-time engine
B) Batch engine
C) Serving back-end
D) Data storage - Correct Answer -A
Which vulnerability do IoT botnets target on IoT devices by applying
data found on the internet?
A) Unencrypted communications
B) Default credentials
C) Cleartext passwords
D) Exposed sensors - Correct Answer -B
Which type of malware creates a network of remotely controlled IoT
devices unknown to the owners?
pg. 2
,3|Page
A) Macro
B) Cross-site scripting
C) Embedded software exploitation
D) Botnet - Correct Answer -D
What enables IoT devices to be infected by the Mirai malware?
A) Default passwords
B) Plaintext communication
C) Stolen certificates
D) Cloud storage - Correct Answer -A
A company develops an IoT-based security system. The system uses
proximity sensors that communicate with a central gateway using a 433
MHZ radio signal. Testing reveals that the traffic can be sniffed with a
software-defined radio, and an attacker could spoof the proximity sensor
by copying the authentication details from the radio traffic.
Which Internet of Things Security Foundation (IoTSF) Best Practice
Guideline (BPG) should this company follow in its design process to
ensure the security of the radio data?
A) Device secure boot
B) Physical security
C) Network connections
D) Application security - Correct Answer -C
pg. 3
, 4|Page
A company hosts a database in a public cloud. Multiple IoT devices are
compromised and used to generate a high volume of requests targeting
the database to affect its availability.
Which type of attack is this?
A) Cross-site scripting
B) Distributed denial of service (DDoS)
C) Spear phishing
D) Structured Query Language (SQL) injection - Correct Answer -B
A company developed an IoT smart photo frame that allows users to
upload photos to their device using a web browser. Testing revealed that
users can upload files onto the root filesystem.
Which Internet of Things Security Foundation (IoTSF) Best Practice
Guideline (BPG) should this company follow in its design process to
ensure filesystem permissions are set correctly?
A) Device secure boot
B) Physical security
C) Secure operating system
D) Application security - Correct Answer -C
A company uses IoT devices to capture data in the field and transmit it
for central processing. The company plans to follow the Internet of
Things Security Foundation's (IoTSF) Best Practice Guidelines (BPGs)
to ensure that personal data is protected.
pg. 4
WGU D337 OBJECTIVE ASSESSMENT 2 LATEST 2026
ACTUAL EXAM TEST BANK| D337 INTERNET OF
THINGS AND INFRASTRUCTURE OA EXAM WITH 400
REAL EXAM QUESTIONS AND CORRECT VERIFIED
ANSWERS/ GRADED A+ (MOST RECENT!!)
Which type of IoT detection sensor built into electric bulbs minimizes
energy usage?
A) Humidity
B) Light
C) Vibration
D) Motion - Correct Answer -D
A company plans to adopt IoT into its business operations and then go
public. The company is concerned about the financial and reputational
impact of increasing the volume of personally identifiable information
(PII) that might inadvertently be exposed, which would affect the value
of its stock.
Which two considerations should be addressed as part of the adoption
strategy?
Choose 2 answers.
1. Governance
2. Privacy
3. Security
pg. 1
,2|Page
4. Standardization
A) 1, 2
B) 1, 3
C) 2, 3
D) 3, 4 - Correct Answer -C
Which component in the Lambda architecture acts as the streaming layer
in a streaming processing system?
A) Real-time engine
B) Batch engine
C) Serving back-end
D) Data storage - Correct Answer -A
Which vulnerability do IoT botnets target on IoT devices by applying
data found on the internet?
A) Unencrypted communications
B) Default credentials
C) Cleartext passwords
D) Exposed sensors - Correct Answer -B
Which type of malware creates a network of remotely controlled IoT
devices unknown to the owners?
pg. 2
,3|Page
A) Macro
B) Cross-site scripting
C) Embedded software exploitation
D) Botnet - Correct Answer -D
What enables IoT devices to be infected by the Mirai malware?
A) Default passwords
B) Plaintext communication
C) Stolen certificates
D) Cloud storage - Correct Answer -A
A company develops an IoT-based security system. The system uses
proximity sensors that communicate with a central gateway using a 433
MHZ radio signal. Testing reveals that the traffic can be sniffed with a
software-defined radio, and an attacker could spoof the proximity sensor
by copying the authentication details from the radio traffic.
Which Internet of Things Security Foundation (IoTSF) Best Practice
Guideline (BPG) should this company follow in its design process to
ensure the security of the radio data?
A) Device secure boot
B) Physical security
C) Network connections
D) Application security - Correct Answer -C
pg. 3
, 4|Page
A company hosts a database in a public cloud. Multiple IoT devices are
compromised and used to generate a high volume of requests targeting
the database to affect its availability.
Which type of attack is this?
A) Cross-site scripting
B) Distributed denial of service (DDoS)
C) Spear phishing
D) Structured Query Language (SQL) injection - Correct Answer -B
A company developed an IoT smart photo frame that allows users to
upload photos to their device using a web browser. Testing revealed that
users can upload files onto the root filesystem.
Which Internet of Things Security Foundation (IoTSF) Best Practice
Guideline (BPG) should this company follow in its design process to
ensure filesystem permissions are set correctly?
A) Device secure boot
B) Physical security
C) Secure operating system
D) Application security - Correct Answer -C
A company uses IoT devices to capture data in the field and transmit it
for central processing. The company plans to follow the Internet of
Things Security Foundation's (IoTSF) Best Practice Guidelines (BPGs)
to ensure that personal data is protected.
pg. 4
