Structured Study Summary & Assessment Prep Guide
2025/2026
A security administrator is configuring rules on a firewall to block specific types of traffic
based on the application layer information. What feature is being implemented?
Correct answer: Deep Packet Inspection
An organization wants to protect its network from external threats and monitor and
control internet usage. What technology should be implemented for this purpose?
Correct answer: Proxy Servers
An organization wants to ensure that employees only have access to the information
necessary for their roles. What principle should be implemented to achieve this?
Correct answer: Least Privilege
A company is implementing a policy to define the acceptable use of organizational
resources and information systems. What is this policy called?
Correct answer: Acceptable Use Policy
An organization is implementing a policy to ensure that employees do not share their
login credentials. What is this policy called?
Correct answer: Password Policy
A company is implementing a practice to regularly review and update user access
permissions. What is this practice called?
Correct answer: Access Review
An organization wants to ensure that employees only have access to specific areas of a
building based on their job responsibilities. What practice should be implemented?
Correct answer: Role-Based Access Control (RBAC)
A security administrator is implementing a method to verify the identity of individuals
accessing a system by using a combination of username and a one-time code sent to
their mobile device. What method is being implemented?
Correct answer: Multi-Factor Authentication (MFA)
An organization wants to ensure that employees can access multiple systems with a
single set of credentials. What method should be implemented?
Correct answer: Single Sign-On (SSO)
A company wants to implement a method where access permissions are automatically
granted or revoked based on predefined rules and policies. What method is being
described?
Correct answer: Attribute-Based Access Control (ABAC)
An organization is implementing a policy to ensure that employees are only granted
access to specific systems necessary for their job roles. What is this policy called?
Correct answer: Least Privilege Policy
A security administrator is implementing a method to identify individuals based on their
physical characteristics, such as fingerprints or retina scans. What method is being
implemented?
Correct answer: Biometric Authentication
A company is implementing a practice to regularly rotate and update user passwords to
enhance security. What is this practice called?
Correct answer: Password Policy
An organization is implementing a method where access permissions are assigned
based on specific job responsibilities. What method is being described?
Correct answer: Role-Based Access Control (RBAC)
A security administrator is implementing a practice to regularly review and update user
roles and permissions. What is this practice called?
Correct answer: Access Review
An organization is implementing a method where individuals are granted access based
on their need for specific information to perform their job functions. What method is
being described?
Correct answer: Need-to-Know
A company is implementing a policy to ensure that employees with privileged access
undergo thorough background checks. What is this policy called?
Correct answer: Background Check Policy
An organization is implementing a method where access permissions are based on the
specific tasks an individual performs within a job role. What method is being described?
Correct answer: Separation of Duties
A security administrator is implementing a practice to regularly audit and monitor user
activities to detect and prevent unauthorized access. What is this practice called?
Correct answer: Auditing
An organization wants to ensure that individuals with access to sensitive information
have undergone specific training on handling and protecting that information. What is
this policy called?
Correct answer: Training and Awareness Policy