Competency test preparation questions with approved
Answers 2025/2026
The toolset a corporation might use to centrally manage all cellular phones provided to
its employees is _____. - correct answer MDM
Tcpdump - correct answer This command-line packet sniffing tool runs on Linux and
UNIX operating systems.
Kismet - correct answer A tool used to detect unauthorized wireless access points
Hping3 - correct answer A tool used to test the security of firewalls.
Nmap - correct answer A versatile tool able to scan ports, search for hosts on the
network, and other operations.
Wireshark - correct answer A graphical interface protocol analyzer capable of filtering,
sorting, and analyzing both wired and wireless network traffic
_____________ is a sniffer that specializes in detecting wireless devices. - correct
answer Kismet
A firewall that can watch packets and monitor the traffic from a given connection is using
what kind of firewall technology? - correct answer Stateful packet inspection
A tool that deliberately displays vulnerabilities in an attempt to bait attackers is called
_____________. - correct answer a honeypot
A specialized type of firewall that provides security and performance features, functions
as a choke point, allows for logging traffic for later inspection, and serves as a single
source of requests for the devices behind it is known as a(n) ____________. - correct
answer Proxy server
_____________ is a popular, fully-featured sniffer capable of intercepting traffic from a
wide variety of wired and wireless sources. - correct answer Wireshark
Executable space protection is a software technology implemented by operating
systems to stop attacks using the same techniques used in malware. - correct answer
False
This type of host-based software may communicate with the management device by
sending regular beacons. - correct answer HIDS
Vulnerability Assessment Tools - correct answer Nessus
Scanner - correct answer Nmap
Exploit Framework - correct answer Metasploit
CANVAS
The total of the available avenues through which our operating system might be
attacked is called a(n) ________. - correct answer Attack surface
Which tool is a well-known vulnerability assessment tool that also includes a port
scanner? - correct answer Nessus
Which well-known tool is a scanner with a large and broad set of functionality? - correct
answer Nmap
What security strategy best protects an operating system from buffer overflow attacks? -
correct answer Implement executable space protection
Small bits of software that take advantage of flaws in other software or applications to
cause them to behave in ways that were not intended by their creators are called _____.
- correct answer Exploits
Which software development vulnerability is stopped by proper bounds checking? -
correct answer Buffer overflows
CSS - correct answer A web-related tech used to develop web pages while.
XSS - correct answer refers to an attack where malicious code is embedded into the
web.
A database is vulnerable to SQL injection attacks through direct attempts to the
database server or through applications software, including web applications. What is
the most effective way of mitigating these attacks? - correct answer Validating user
inputs
Strictly following secure coding guidelines is critical to application security. Which of the
following options is a good source of secure coding guidelines? - correct answer The
organization's internal coding guidelines
BSI
CERT
NIST 800
Which software development vulnerability occurs when multiple processes control or
share access to a particular resource, and the correct handling of that resource