URITY EXAM OBJECTIVE ASSESSMENT NEWEST 2024 TEST BANK ACTUAL EXAM 300 QUESTIONS AND CORRECT DETAILED ANSWERS (VERIFIED ANSWERS) | ALREADY GRADED A+

A company wants to update its access control policy. The company wants to prevent hourly employees from logging in to company computers after business hours.
Which type of access control policy should be implemented?
A Mandatory
B Physical
C Discretionary
D Attribute-based - ...ANSWER...D

A new software development company has determined that one of its proprietary algorithms is at a high risk for unauthorized disclosure. The company's security up to this point has been fairly lax.
Which procedure should the company implement to protect this asset?
A Transfer the algorithm onto servers in the demilitarized zone.
B Store the algorithm on highly available servers.
C Relocate the algorithm to encrypted storage.
D Create multiple off-site backups of the algorithm. - ...ANSWER...C

An accounting firm stores financial data for many customers. The company policy requires that employees only access data for customers they are assigned to. The company implements a written policy indicating an employee can be fired for violating this requirement.
Which type of control has the company implemented?
A Deterrent
B Active
C Preventive
D Detective - ...ANSWER...A

How can an operating system be hardened in accordance with the principle of least privilege?
A Implement account auditing.
B Remove unneeded services.
C Restrict account permissions.
D Remove unnecessary software. - ...ANSWER...C

A company implements an Internet-facing web server for its sales force to review product information. The sales force can also update its profiles and profile photos, but not the product information. There is no other information on this server.
Which content access permissions should be granted to the sales force based on the principle of least privilege?
A Read and limited write access
B Read and write access
C Limited write access only
D Limited read access only - ...ANSWER...A

A corporation has discovered that some confidential personnel information has been used inappropriately.
How can the principle of least privilege be applied to limit access to confidential personnel records?
A Only allow access to those with elevated security permissions.
B Only allow access to department heads and executives.
C Only allow access to those who need access to perform their job.
D Only allow access to those who work in the human resources department. - ...ANSWER...C

A user runs an application that has been infected with malware that is less than 24 hours old. The malware then infects the operating system.
Which safeguard should be implemented to prevent this type of attack?
A Install the latest security updates.
B Uninstall unnecessary software.
C Modify the default user accounts.
D Limit user account privileges. - ...ANSWER...D

A company was the victim of a security breach resulting in stolen user credentials. An attacker used a stolen username and password to log in to an employee email account.
Which security practice could have reduced the post-breach impact of this event?
A Multi-factor authentication
B Operating system hardening
C Network segmentation
D Mutual authentication - ...ANSWER...A

A module in a security awareness course shows a user making use of two-factor authentication using a hardware token.
Which security failure is being addressed by this training module?
A Tailgating
B Pretexting
C Malware infections
D Weak passwords - ...ANSWER...D

Which tool should an application developer use to help identify input validation vulnerabilities?
A scanner