EXAM 2025 WITH ACTUAL CORRECT QUESTIONS AND VERIFIED DETAILED ANSWERS
______ sets limits on the use and disclosure of patient information and grants individuals rights over
their own health records.
A HIPAA
B SOX
C GLBA
D FERPA
E PCI DSS
HIPAA
______ ensures the protection of information, operations, and assets in federal government.
A SOX
B PCI DSS
C FERPA
D HIPAA
E FISMA
FISMA
______ protects the privacy of students and their parents.
A PCI DSS
B FISMA
C HIPAA
D GLBA
E FERPA
FERPA
______ regulates the financial practice and governance of corporations.
A FERPA
B HIPAA
C GLBA
D FISMA
E SOX
SOX
______ protects the customers of financial institutions.
A PCI DSS
B SOX
C FISMA
D FERPA
E GLBA
GLBA
During what phase of the operations security process do we match threats and vulnerabilities?
A Analysis of threats
B Analysis of vulnerabilities
C Assessment of risks
D Application of countermeasures
E Identification of critical information
Assessment of risks
Haas' second law of operations security, "If you don't know what to protect, how do you know you are
protecting it?," maps to what step in the operations security process?
A Application of countermeasures
B Assessment of risks
C Analysis of vulnerabilities
D Analysis of threats
E Identification of critical information
Identification of critical information
You are leaving for an extended vacation and want to take steps to protect your home. You set a timer
to turn lights and the TV on and off at various times throughout the day, suspend the mail delivery, and
arrange for a neighbor to come in and water the plants. What step in the operations security process do
these actions demonstrate?
A Identification of critical information
B Analysis of threats
C Analysis of vulnerabilities
D Assessment of risks
E Application of countermeasures
Application of countermeasures
The process of intelligence gathering and analysis to support business decisions is known as _______.
A Competitive business
B Business intelligence
C Business competition
D Counter intelligence
E Competitive intelligence
Competitive intelligence
The study that was conducted to discover the cause of the information leak during the Vietnam War was
codenamed ________ and is now considered a symbol of OPSEC.
A Vietnam Viper
B The Art of War
C Purple Dragon
D Sun Tzu
Purple Dragon
Which of the following is not a best practice for password security?
A Educating users on password management
B Creating a password policy
C Enforcing complex password requirements
D Forcing password expiration intervals
E Teaching users how to manually sync passwords between systems
Teaching users how to manually sync passwords between systems
Which social engineering technique involves impersonating someone else to convince the target to
perform some action that they wouldn't normally do for a stranger?
A Spear phishing
B Tailgating
C Pretexting
D Phishing
Pretexting
You swipe your key card to gain access to a secure area of the building. As you pass through the door,
you notice someone right behind you. You don't recall that he was walking behind you a moment ago,
nor do you see a key card in his hand. What social engineering technique is demonstrated in this
example?
A Spear phishing
B Tailgating
C Pretexting
D Phishing
Tailgating
Your IT department has implemented a comprehensive defense in depth strategy to protect your
company resources. The buildings are protected by key card swipes and video surveillance, logins and
passwords are required for access to any digital resource, and your network and workstation equipment
is properly configured, patched, and protected. Policies are in place to recover from any major security
risk. What single entity can invalidate all of these efforts?
A person
B corrupt file
C virus
D USB drive
E bad hard drive
person
Which of the options below is an example of an effective Security Awareness, Training, and Education
(SATE) strategy?
A 3-hour CBT course with a completion certificate, required yearly
B periodic email that references the Employee Handbook and includes a link to a required quiz
C biannual conference room training session that offers free coffee and is four hours long
D daily "security check" question that, if answered correctly, enters the user into a giveaway
daily "security check" question that, if answered correctly, enters the user into a giveaway
Your company has an office full of expensive computer equipment to protect. You recommend a variety
of approaches, including a security guard stationed at the entrance, a high fence around the property,
and key card entry to all nonpublic areas. What security concept are you recommending to protect your
company's assets?
A Nonrepudiation
B Capability-based security
C Access control lists
D Principle of least privilege
E Defense in depth
Defense in depth
You work for a small company that has just upgraded its data servers. The new servers are up and
running, and normal operations have resumed. The company plans to sell its old equipment. What is
your primary concern before they auction off the old hardware?
A Data redundancy
B Data availability
C Data backups
D Residual data
Residual data
What planning process ensures that critical business functions can continue to operate during an
emergency?
A Disaster recovery planning
B Operations security planning
C Risk management planning