WGU D430 FUNDAMENTALS OF INFORMATION SECURITY EXAM OBJECTIVE ASSESSMENT NE WEST 2024 TEST BANK

WGU D430 FUNDAMENTALS OF INFORMATION
m m m m m



SECURITY EXAM OBJECTIVE ASSESSMENT NEm m m m



WEST 2024 TEST BANK ACTUAL EXAM 300
m m m m m m



QUESTIONS AND CORRECT DETAILED ANSWERS m m m m m



(VERIFIED ANSWERS) |ALREADY GRADED A+ m m m m




A company wants to update its access control policy. Th
m m m m m m m m m



e company wants to prevent hourly employees from log
m m m m m m m m



ging in to company computers after business hours.
m m m m m m m




Which type of access control policy should bei
m m m m m m m m



mplemented?

A Mandatory
m m



B Physical
m



C Discretionary
m



D Attribute-based - ...ANSWER...D
m m m




A new software development company has determined
m m m m m m m



that one of its proprietary algorithms is at a high risk fo
m m m m m m m m m m m



r unauthorized disclosure. The company's security upto
m m m m m m m



mthis point has been fairly lax.
m m m m m




Which procedure should the company implement to
m m m m m m m



protect this asset?
m m




A Transfer the algorithm onto servers in the
m m m m m m m m



demilitarized zone. m



B Store the algorithm on highly available servers.
m m m m m m m

,C Relocate the algorithm to encrypted storage.
m m m m m m



D Create multiple off-site backups of the algorithm. -
m m m m m m m m



...ANSWER...C

An accounting firm stores financial data for many custo
m m m m m m m m



mers. The company policy requires that employees only
m m m m m m m



access data for customers they are assigned to. The co
m m m m m m m m m m



mpany implements a written policyindicating an employ
m m m m m m m



ee can be fired for violating this requirement.
m m m m m m m




Which type of control has the company implemented?A
m m m m m m m m




Deterrent
m



B Active
m



C Preventive
m



D Detective - ...ANSWER...A
m m m




How can an operating system be hardened inaccordanc
m m m m m m m m



e to the principle of least privilege?
m m m m m m




A Implement account auditing.
m m m m



B Remove unneeded services.
m m m m



C Restrict account permissions.
m m m



D Remove unnecessary software. - ...ANSWER...C
m m m m m




A company implements an Internet-
m m m m



facing web serverfor its sales force to review product
m m m m m m m m m m



information. The sales force can also update its profilem m m m m m m m



s and profile photos, but not the product information. T
m m m m m m m m m



here is no other information on this server.
m m m m m m m

,Which content access permissions should be granted tot
m m m m m m m m



he sales force based on the principle of least privilege?
m m m m m m m m m




A Read and limited write access
m m m m m m



B Read and write access
m m m m



C Limited write access only
m m m m



D Limited read access only - ...ANSWER...A
m m m m m m




A corporation has discovered that some confidential pe
m m m m m m m



rsonnel information has been used inappropriately.
m m m m m




How can the principle of least privilege be applied tol
m m m m m m m m m m



imit access to confidential personnel records?
m m m m m




A Only allow access to those with elevated security
m m m m m m m m m



permissions.
B Only allow access to department heads and
m m m m m m m m



executives.
C Only allow access to those who need access to
m m m m m m m m m m



perform their job. m m



D Only allow access to those who work in the humanre
m m m m m m m m m m m



sources department. - ...ANSWER...C
m m m




A user runs an application that has been infected withm
m m m m m m m m m m



alware that is less than 24 hours old. The malware then
m m m m m m m m m m



infects the operating system.
m m m m




Which safeguard should be implemented to prevent this
m m m m m m m m



type of attack?
m m




A Install the latest security updates.
m m m m m m



B Uninstall unnecessary software.
m m m

, C Modify the default user accounts.
m m m m m



D Limit user account privileges. - ...ANSWER...D
m m m m m m




A company was the victim of a security breach resultin
m m m m m m m m m



g in stolen user credentials. An attacker used astolen u
m m m m m m m m m m



sername and password to log in to an employee email a
m m m m m m m m m m



ccount.

Which security practice could have reduced the post-
m m m m m m m



breach impact of this event?
m m m m m




A Multi-
m



factor authentication B Operat
m m m



ing system hardeningC Netwo
m m m m



rk segmentation
m



D Mutual authentication - ...ANSWER...A
m m m m




A module in a security awareness course shows a user
m m m m m m m m m m



making use of two- m m m



factor authentication using a hardware token.
m m m m m




Which security failure is being addressed by this
m m m m m m m m



training module? m




A Tailgating
m m



B Pretexting
m



C Malware infections
m m



D Weak passwords - ...ANSWER...D
m m m m




Which tool should an application developer use to helpi
m m m m m m m m m



dentify input validation vulnerabilities?
m m m




A scanner
m