Page 1 of 90
WGU C954 INFORMATION TECHNOLOGY MANAGEMENT
EXAM QUESTIONS AND CORRECT DETAILED ANSWERS
LATEST UPDATE THIS YEAR
EXAM COVERAGE — WGU C954 INFORMATION TECHNOLOGY MANAGEMENT
The WGU C954 Information Technology Management course focuses on the strategic and
operational management of information technology within organizations. This exam tests the
student's ability to align IT with business strategy, manage IT resources, govern IT processes,
and understand emerging technologies.
Key content areas include:
IT Strategy & Governance — IT governance frameworks (COBIT, ITIL), strategic alignment
of IT with business goals, IT portfolio management, IT steering committees, and the role
of the CIO.
IT Financial Management — Total Cost of Ownership (TCO), Return on Investment (ROI),
NPV, payback period, chargeback models, IT budgeting (capital vs. operational
expenses), and cost-benefit analysis.
IT Resource Management — Human resource management for IT (staffing, training,
retention, outsourcing), vendor management (RFP, RFQ, RFI, SLAs), contract
management, and managing IT consultants.
IT Service Management — ITIL framework (service strategy, design, transition,
operation, continual improvement), service desk, incident management, problem
management, change management, release management, service level management
(SLAs).
Information Security Management — Confidentiality, Integrity, Availability (CIA triad),
risk management (assessment, mitigation, acceptance), security policies, access control
(RBAC, MAC, DAC), encryption, authentication (MFA), compliance (HIPAA, PCI-DSS,
GDPR, SOX), business continuity planning (BCP), disaster recovery (DR), RTO, RPO.
Data & Information Management — Database management, data warehousing, data
mining, business intelligence (BI), data governance, data quality, master data
management, big data (3 Vs), data analytics (descriptive, predictive, prescriptive).
, Page 2 of 90
Emerging Technologies & Trends — Cloud computing (IaaS, PaaS, SaaS), virtualization,
mobile computing, Internet of Things (IoT), artificial intelligence (AI), machine learning
(ML), blockchain, robotic process automation (RPA), and their business implications.
Legal & Ethical Issues in IT — Privacy laws, intellectual property (copyright, patents,
trade secrets), software licensing, computer fraud and abuse, acceptable use policies,
ethics in IT.
Project Management for IT — Project lifecycle (initiation, planning, execution,
monitoring/controlling, closing), agile vs. waterfall methodologies, SCRUM, project
selection methods (NPV, IRR, payback), critical path method (CPM), earned value
management (EVM), risk management.
WGU C954 INFORMATION TECHNOLOGY MANAGEMENT — 200 RANDOMIZED SCENARIO-
BASED MCQS
1. Which IT governance framework provides a set of best practices for aligning IT with business
objectives and managing IT-related risks?
A) ITIL
B) COBIT
C) ISO 27001
D) Six Sigma
Answer: B
RATIONALE: COBIT (Control Objectives for Information and Related Technologies) is a framework
for developing, implementing, monitoring, and improving IT governance and management
practices. It focuses on aligning IT with business goals.
2. A company wants to measure the financial return of an IT project relative to its cost. Which
metric should be used?
, Page 3 of 90
A) Net Present Value (NPV)
B) Return on Investment (ROI)
C) Total Cost of Ownership (TCO)
D) Payback period
Answer: B
RATIONALE: ROI (Return on Investment) calculates the percentage return on an investment
relative to its cost. NPV measures present value of future cash flows; TCO includes all costs over
the asset's life.
3. An IT manager is evaluating cloud service models. Which model provides the customer with
the greatest control over the operating system and installed applications?
A) Software as a Service (SaaS)
B) Platform as a Service (PaaS)
C) Infrastructure as a Service (IaaS)
D) Data as a Service (DaaS)
Answer: C
RATIONALE: IaaS provides virtualized computing resources over the internet, giving customers
control over operating systems, storage, and deployed applications, while the provider manages
the underlying infrastructure.
4. Which IT service management (ITSM) process is responsible for restoring normal service
operation as quickly as possible and minimizing the impact on business operations?
A) Change management
, Page 4 of 90
B) Problem management
C) Incident management
D) Release management
Answer: C
RATIONALE: Incident management focuses on restoring normal service operation as quickly as
possible after an unplanned interruption. Problem management addresses root causes; change
management controls changes.
5. An organization is developing a disaster recovery plan. Which metric defines the maximum
acceptable length of time that a system can be offline after a failure?
A) RTO (Recovery Time Objective)
B) RPO (Recovery Point Objective)
C) MTBF (Mean Time Between Failures)
D) MTTR (Mean Time to Repair)
Answer: A
RATIONALE: RTO (Recovery Time Objective) is the maximum acceptable downtime after a
disaster. RPO defines the maximum acceptable data loss (time since last backup).
6. Which of the following is NOT a component of the CIA triad in information security?
A) Confidentiality
B) Integrity
C) Availability
D) Accountability
WGU C954 INFORMATION TECHNOLOGY MANAGEMENT
EXAM QUESTIONS AND CORRECT DETAILED ANSWERS
LATEST UPDATE THIS YEAR
EXAM COVERAGE — WGU C954 INFORMATION TECHNOLOGY MANAGEMENT
The WGU C954 Information Technology Management course focuses on the strategic and
operational management of information technology within organizations. This exam tests the
student's ability to align IT with business strategy, manage IT resources, govern IT processes,
and understand emerging technologies.
Key content areas include:
IT Strategy & Governance — IT governance frameworks (COBIT, ITIL), strategic alignment
of IT with business goals, IT portfolio management, IT steering committees, and the role
of the CIO.
IT Financial Management — Total Cost of Ownership (TCO), Return on Investment (ROI),
NPV, payback period, chargeback models, IT budgeting (capital vs. operational
expenses), and cost-benefit analysis.
IT Resource Management — Human resource management for IT (staffing, training,
retention, outsourcing), vendor management (RFP, RFQ, RFI, SLAs), contract
management, and managing IT consultants.
IT Service Management — ITIL framework (service strategy, design, transition,
operation, continual improvement), service desk, incident management, problem
management, change management, release management, service level management
(SLAs).
Information Security Management — Confidentiality, Integrity, Availability (CIA triad),
risk management (assessment, mitigation, acceptance), security policies, access control
(RBAC, MAC, DAC), encryption, authentication (MFA), compliance (HIPAA, PCI-DSS,
GDPR, SOX), business continuity planning (BCP), disaster recovery (DR), RTO, RPO.
Data & Information Management — Database management, data warehousing, data
mining, business intelligence (BI), data governance, data quality, master data
management, big data (3 Vs), data analytics (descriptive, predictive, prescriptive).
, Page 2 of 90
Emerging Technologies & Trends — Cloud computing (IaaS, PaaS, SaaS), virtualization,
mobile computing, Internet of Things (IoT), artificial intelligence (AI), machine learning
(ML), blockchain, robotic process automation (RPA), and their business implications.
Legal & Ethical Issues in IT — Privacy laws, intellectual property (copyright, patents,
trade secrets), software licensing, computer fraud and abuse, acceptable use policies,
ethics in IT.
Project Management for IT — Project lifecycle (initiation, planning, execution,
monitoring/controlling, closing), agile vs. waterfall methodologies, SCRUM, project
selection methods (NPV, IRR, payback), critical path method (CPM), earned value
management (EVM), risk management.
WGU C954 INFORMATION TECHNOLOGY MANAGEMENT — 200 RANDOMIZED SCENARIO-
BASED MCQS
1. Which IT governance framework provides a set of best practices for aligning IT with business
objectives and managing IT-related risks?
A) ITIL
B) COBIT
C) ISO 27001
D) Six Sigma
Answer: B
RATIONALE: COBIT (Control Objectives for Information and Related Technologies) is a framework
for developing, implementing, monitoring, and improving IT governance and management
practices. It focuses on aligning IT with business goals.
2. A company wants to measure the financial return of an IT project relative to its cost. Which
metric should be used?
, Page 3 of 90
A) Net Present Value (NPV)
B) Return on Investment (ROI)
C) Total Cost of Ownership (TCO)
D) Payback period
Answer: B
RATIONALE: ROI (Return on Investment) calculates the percentage return on an investment
relative to its cost. NPV measures present value of future cash flows; TCO includes all costs over
the asset's life.
3. An IT manager is evaluating cloud service models. Which model provides the customer with
the greatest control over the operating system and installed applications?
A) Software as a Service (SaaS)
B) Platform as a Service (PaaS)
C) Infrastructure as a Service (IaaS)
D) Data as a Service (DaaS)
Answer: C
RATIONALE: IaaS provides virtualized computing resources over the internet, giving customers
control over operating systems, storage, and deployed applications, while the provider manages
the underlying infrastructure.
4. Which IT service management (ITSM) process is responsible for restoring normal service
operation as quickly as possible and minimizing the impact on business operations?
A) Change management
, Page 4 of 90
B) Problem management
C) Incident management
D) Release management
Answer: C
RATIONALE: Incident management focuses on restoring normal service operation as quickly as
possible after an unplanned interruption. Problem management addresses root causes; change
management controls changes.
5. An organization is developing a disaster recovery plan. Which metric defines the maximum
acceptable length of time that a system can be offline after a failure?
A) RTO (Recovery Time Objective)
B) RPO (Recovery Point Objective)
C) MTBF (Mean Time Between Failures)
D) MTTR (Mean Time to Repair)
Answer: A
RATIONALE: RTO (Recovery Time Objective) is the maximum acceptable downtime after a
disaster. RPO defines the maximum acceptable data loss (time since last backup).
6. Which of the following is NOT a component of the CIA triad in information security?
A) Confidentiality
B) Integrity
C) Availability
D) Accountability
