https://www.stuvia.com/user/Prose1
WGU D430 FUNDAMENTALS OF INFORMATION SECURITY EXAM
OBJECTIVE ASSESSMENT NEWEST 2025/2026 TEST BANK ACTUAL
EXAM 300 QUESTIONS AND CORRECT DETAILED ANSWERS (VERIFIED
ANSWERS) |ALREADY GRADED A+
A company wants to update its access control
g x gx g x g x g x g x gx
policy. The company wants to prevent hourly
gx gx gx g x g x g x g x
employees from logging in to company computers
g x gx gx g x g x g x g x
after business hours.
g x g x g x
Which type of access control policy should be
implemented?
A Mandatory
B Physical
C Discretionary
D Attribute-based - ...ANSWER...D
A new software development company has
determined that one of its proprietary algorithms is
at a high risk for unauthorized disclosure. The
company's security up to this point has been fairly
lax.
Which procedure should the company implement to
protect this asset?
A Transfer the algorithm onto servers in the
demilitarized zone.
B Store the algorithm on highly available servers.
,https://www.stuvia.com/user/Prose1
C Relocate the algorithm to encrypted storage.
D Create multiple off-site backups of the algorithm. -
...ANSWER...C
An accounting firm stores financial data for many
customers. The company policy requires that
employees only access data for customers they are
assigned to. The company implements a written
policy indicating an employee can be fired for
violating this requirement.
Which type of control has the company implemented?
A Deterrent
B Active
C Preventive
D Detective - ...ANSWER...A
How can an operating system be hardened
in accordance to the principle of least
privilege?
A Implement account auditing.
B Remove unneeded services.
C Restrict account permissions.
D Remove unnecessary software. - ...ANSWER...C
A company implements an Internet-facing web server
for its sales force to review product information. The
sales force can also update its profiles and profile
photos, but not the product information. There is no
other information on this server.
,https://www.stuvia.com/user/Prose1
Which content access permissions should be granted
to the sales force based on the principle of least
privilege?
A Read and limited write access
B Read and write access
C Limited write access only
D Limited read access only - ...ANSWER...A
A corporation has discovered that some confidential
personnel information has been used
inappropriately.
How can the principle of least privilege be applied to
limit access to confidential personnel records?
A Only allow access to those with elevated security
permissions.
B Only allow access to department heads and
executives.
C Only allow access to those who need access to
perform their job.
D Only allow access to those who work in the human
resources department. - ...ANSWER...C
A user runs an application that has been infected with
malware that is less than 24 hours old. The malware
then infects the operating system.
Which safeguard should be implemented to prevent
this type of attack?
A Install the latest security
updates.
B Uninstall unnecessary software.
, https://www.stuvia.com/user/Prose1
C Modify the default user accounts.
D Limit user account privileges. - ...ANSWER...D
A company was the victim of a security breach
resulting in stolen user credentials. An attacker used
a stolen username and password to log in to an
employee email account.
Which security practice could have reduced the post-
breach impact of this event?
A Multi-factor authentication
B Operating system hardening
C Network segmentation
D Mutual authentication - ...ANSWER...A
A module in a security awareness course shows a
user making use of two-factor authentication using a
hardware token.
Which security failure is being addressed by this
training module?
A Tailgating
B Pretexting
C Malware infections
D Weak passwords - ...ANSWER...D
Which tool should an application developer use to help
identify input validation vulnerabilities?
A scanner
WGU D430 FUNDAMENTALS OF INFORMATION SECURITY EXAM
OBJECTIVE ASSESSMENT NEWEST 2025/2026 TEST BANK ACTUAL
EXAM 300 QUESTIONS AND CORRECT DETAILED ANSWERS (VERIFIED
ANSWERS) |ALREADY GRADED A+
A company wants to update its access control
g x gx g x g x g x g x gx
policy. The company wants to prevent hourly
gx gx gx g x g x g x g x
employees from logging in to company computers
g x gx gx g x g x g x g x
after business hours.
g x g x g x
Which type of access control policy should be
implemented?
A Mandatory
B Physical
C Discretionary
D Attribute-based - ...ANSWER...D
A new software development company has
determined that one of its proprietary algorithms is
at a high risk for unauthorized disclosure. The
company's security up to this point has been fairly
lax.
Which procedure should the company implement to
protect this asset?
A Transfer the algorithm onto servers in the
demilitarized zone.
B Store the algorithm on highly available servers.
,https://www.stuvia.com/user/Prose1
C Relocate the algorithm to encrypted storage.
D Create multiple off-site backups of the algorithm. -
...ANSWER...C
An accounting firm stores financial data for many
customers. The company policy requires that
employees only access data for customers they are
assigned to. The company implements a written
policy indicating an employee can be fired for
violating this requirement.
Which type of control has the company implemented?
A Deterrent
B Active
C Preventive
D Detective - ...ANSWER...A
How can an operating system be hardened
in accordance to the principle of least
privilege?
A Implement account auditing.
B Remove unneeded services.
C Restrict account permissions.
D Remove unnecessary software. - ...ANSWER...C
A company implements an Internet-facing web server
for its sales force to review product information. The
sales force can also update its profiles and profile
photos, but not the product information. There is no
other information on this server.
,https://www.stuvia.com/user/Prose1
Which content access permissions should be granted
to the sales force based on the principle of least
privilege?
A Read and limited write access
B Read and write access
C Limited write access only
D Limited read access only - ...ANSWER...A
A corporation has discovered that some confidential
personnel information has been used
inappropriately.
How can the principle of least privilege be applied to
limit access to confidential personnel records?
A Only allow access to those with elevated security
permissions.
B Only allow access to department heads and
executives.
C Only allow access to those who need access to
perform their job.
D Only allow access to those who work in the human
resources department. - ...ANSWER...C
A user runs an application that has been infected with
malware that is less than 24 hours old. The malware
then infects the operating system.
Which safeguard should be implemented to prevent
this type of attack?
A Install the latest security
updates.
B Uninstall unnecessary software.
, https://www.stuvia.com/user/Prose1
C Modify the default user accounts.
D Limit user account privileges. - ...ANSWER...D
A company was the victim of a security breach
resulting in stolen user credentials. An attacker used
a stolen username and password to log in to an
employee email account.
Which security practice could have reduced the post-
breach impact of this event?
A Multi-factor authentication
B Operating system hardening
C Network segmentation
D Mutual authentication - ...ANSWER...A
A module in a security awareness course shows a
user making use of two-factor authentication using a
hardware token.
Which security failure is being addressed by this
training module?
A Tailgating
B Pretexting
C Malware infections
D Weak passwords - ...ANSWER...D
Which tool should an application developer use to help
identify input validation vulnerabilities?
A scanner
