(detailed & elaborated) ACTUAL EXAM 2025 TESTS!!
Design Secure Network Architecture - 25%
Ans: Section 1
Identity and Access Management
Ans: A framework of policies and technologies used to manage digital identities and control user access
to a resource within an organization.
Password Policy
Ans: Rules set to enforce strong password creation and management, including requirements for
length, history, complexity, and more.
Privileged Access Management
Ans: A security practice that monitors and controls access to critical systems and data by users with
elevated access (e.g. admin accounts).
Password Complexity
Ans: A set of rules designed to make a password stronger and more difficult to crack or guess.
Kerberos
Ans: A network authentication protocol that uses symmetric key cryptography to securely authenticate
users and services over the network.
Mandatory Access Control (MAC)
Ans: A security model where access to resources is determined by system-enforced policies. Access is
granted based on labels or classifications (e.g. "Top Secret").
Attribute-Based Access Control (ABAC)
Ans: A security model where access to resources is determined by attributes such as user role, location,
time of access, etc.
In-band authentication
Ans: A security method where authentication occurs within the same communication channel used to
access the service or system. An example is receiving a verification token on the same device
you are using to log in.
Out-of-Band authentication