WGU C836 – FUNDAMENTALS OF INFORMATION SECURITY EXAM QUESTIONS WITH CORRECT SOLUTION
Which Cybersecurity Term Is Defined As The Potential For An Attack On A Resource?
A Impact
B Vulnerability
C Risk
D Threat
Which Security Type Deliberately Exposes A System's Vulnerabilities Or Resources To
An Attacker?
A Intrusion Detection
B Firewalls
C Honeypots
D Intrusion Prevention
Which Tool Can Be Used To Map Devices On A Network, Along With Their
Operating System Types And Versions?
A Packet Sniffer
B Packet Filter
C Port Scanner
D Stateful Firewall
Which Web Attack Is A Server-Side Attack?
A Clickjacking
B Cross-Site Scripting
C SQL Injection
D Cross-Site Request Forgery
An Organization Employs A VPN To Safeguard Its Information. Which Security Principle
Is Protected By A VPN?
A Data In Motion
B Data At Rest
C Data In Use
D Data In Storage
A Malicious Hacker Was Successful In A Denial Of Service (DoS) Attack Against
An Institution's Mail Server. Fortunately, No Data Was Lost Or Altered While The
Server Was Offline.
Which Type Of Attack Is This?
A Modification
B Fabrication
C Interception
D Interruption
A Company Has Had Several Successful Denial Of Service (DoS) Attacks On Its
Email Server. Which Security Principle Is Being Attacked?
A Possession
B Integrity
C Confidentiality
D Availability
A New Start-Up Company Has Started Working On A Social Networking Website.
The Company Has Moved All Its Source Code To A Cloud Provider And Wants To
Protect This Source Code From Unauthorized Access.
Which Cyber Defense Concept Should The Start-Up Company Use To Maintain The
Confidentiality Of Its Source Code?
A Alarm Systems
B Account Permissions
C Antivirus Software
D File Encryption
A Company Has An Annual Audit Of Installed Software And Data Storage Systems.
During The Audit, The Auditor Asks How The Company's Most Critical Data Is
Used. This Determination Helps The Auditor Ensure That The Proper Defense
Mechanisms Are In Place To Protect Critical Data.
Which Principle Of The Parkerian Hexad Is The Auditor Addressing?
A Possession
B Integrity
C Authenticity
D Utility
Which Web Attack Is Possible Due To A Lack Of Input Validation?
A Extraneous Files
B Clickjacking
C SQL Injection
D Cross-Site Request Forgery
Which File Action Implements The Principle Of Confidentiality From The CIA Triad?
A Compression
B Hash
C Backup
D Encryption
Which Cyber Defense Concept Suggests Limiting Permissions To Only What Is
Necessary To Perform A Particular Task?
A Authentication
B Authorization
C Defense In Depth
D Principle Of Least Privilege
A Company Institutes A New Policy That "All Office Computer Monitors Must
Face Toward Employees And Must Face Away From Doorways. The Monitor
Screens Must Not Be Visible To People Visiting The Office."
Which Principle Of The CIA Triad Is This Company Applying?
A Availability
B Confidentiality
C Utility
D Integrity
At A Small Company, An Employee Makes An Unauthorized Data Alteration. Which
Component Of The CIA Triad Has Been Compromised?
A Confidentiality
B Authenticity
C Integrity