WGU D430
WGU D430 FUNDAMENTALS OF INFORMATION
SECURITY EXAM OBJECTIVE ASSESSMENT | 300
QUESTIONS AND ANSWERS | LATEST (2026/2027)
UPDATED VERSION
THIS DOCUMENT CONTAINS:
❖ WGU D430 EXAM
❖ FUNDAMENTALS OF INFORMATION SECURITY
❖ EXAM OBJECTIVE ASSESSMENT
❖ 300 QUESTIONS AND ANSWERS
❖ LATEST (2026/2027) UPDATED VERSION
,Which type of access control policy should be
implemented?
A Mandatory
B Physical
C Discretionary
D Attribute-based - ...ANSWER...D
A new software development company has
determined that one of its proprietary
algorithms is at a high risk for unauthorized
disclosure. The company's security up to this
point has been fairly lax.
Which procedure should the company implement
to protect this asset?
A Transfer the algorithm onto servers in the
demilitarized zone.
B Store the algorithm on highly available
servers.
,C Relocate the algorithm to encrypted storage.
D Create multiple off-site backups of the
algorithm. -
...ANSWER...C
An accounting firm stores financial data for
many customers. The company policy requires
that employees only access data for customers
they are assigned to. The company implements
a written policy indicating an employee can be
fired for violating this requirement.
Which type of control has the company
implemented?
A Deterrent
B Active
C Preventive
D Detective - ...ANSWER...A
A Implement account auditing.
B Remove unneeded services.
C Restrict account permissions.
D Remove unnecessary software. -
...ANSWER...C
A company implements an Internet-facing web
server for its sales force to review product
information. The sales force can also update its
profiles and profile photos, but not the product
information. There is no other information on
this server.
, A Read and limited write access
B Read and write access
C Limited write access only
D Limited read access only - ...ANSWER...A
How can the principle of least privilege be
applied to limit access to confidential personnel
records?
A Only allow access to those with elevated
security permissions.
B Only allow access to department heads and
executives.
C Only allow access to those who need access
to perform their job.
D Only allow access to those who work in the
human resources department. - ...ANSWER...C
A user runs an application that has been
infected with malware that is less than 24 hours
old. The malware then infects the operating
system.
Which safeguard should be implemented to
prevent this type of attack?
WGU D430 FUNDAMENTALS OF INFORMATION
SECURITY EXAM OBJECTIVE ASSESSMENT | 300
QUESTIONS AND ANSWERS | LATEST (2026/2027)
UPDATED VERSION
THIS DOCUMENT CONTAINS:
❖ WGU D430 EXAM
❖ FUNDAMENTALS OF INFORMATION SECURITY
❖ EXAM OBJECTIVE ASSESSMENT
❖ 300 QUESTIONS AND ANSWERS
❖ LATEST (2026/2027) UPDATED VERSION
,Which type of access control policy should be
implemented?
A Mandatory
B Physical
C Discretionary
D Attribute-based - ...ANSWER...D
A new software development company has
determined that one of its proprietary
algorithms is at a high risk for unauthorized
disclosure. The company's security up to this
point has been fairly lax.
Which procedure should the company implement
to protect this asset?
A Transfer the algorithm onto servers in the
demilitarized zone.
B Store the algorithm on highly available
servers.
,C Relocate the algorithm to encrypted storage.
D Create multiple off-site backups of the
algorithm. -
...ANSWER...C
An accounting firm stores financial data for
many customers. The company policy requires
that employees only access data for customers
they are assigned to. The company implements
a written policy indicating an employee can be
fired for violating this requirement.
Which type of control has the company
implemented?
A Deterrent
B Active
C Preventive
D Detective - ...ANSWER...A
A Implement account auditing.
B Remove unneeded services.
C Restrict account permissions.
D Remove unnecessary software. -
...ANSWER...C
A company implements an Internet-facing web
server for its sales force to review product
information. The sales force can also update its
profiles and profile photos, but not the product
information. There is no other information on
this server.
, A Read and limited write access
B Read and write access
C Limited write access only
D Limited read access only - ...ANSWER...A
How can the principle of least privilege be
applied to limit access to confidential personnel
records?
A Only allow access to those with elevated
security permissions.
B Only allow access to department heads and
executives.
C Only allow access to those who need access
to perform their job.
D Only allow access to those who work in the
human resources department. - ...ANSWER...C
A user runs an application that has been
infected with malware that is less than 24 hours
old. The malware then infects the operating
system.
Which safeguard should be implemented to
prevent this type of attack?
