WGU Master's Course C795 -
Cybersecurity Management II Tactical
ACTUAL EXAM STUDY GUIDE 2026 COMPLETE
QUESTIONS WITH CORRECT DETAILED
ANSWERS ||
100% GUARANTEED PASS
<RECENT VERSION>
1. Common Vulnerabilities and Exposures (CVE) - ANSWER Provides a
naming system for describing security vulnerabilities.
2. Common Vulnerability Scoring System (CVSS) - ANSWER provides a
standardized scoring system for describing the severity of security
vulnerabilities.
3. Common Configuration Enumeration (CCE) - ANSWER provides a naming
system for system configuration issues.
4. Common Platform Enumeration (CPE) - ANSWER provides a naming
system for operating systems, applications, and devices.
5. Extensible Configuration Checklist Description Format (XCCDF) -
ANSWER provides a language for specifying security checklists.
,6. Open Vulnerability and Assessment Language (OVAL) - ANSWER
provides a language for describing security testing procedures.
7. Vulnerability scans - ANSWER automatically probe systems, applications,
and networks, looking for weaknesses that may be exploited by an attacker.
8. differential backup - ANSWER A type of partial backup that involves
copying all changes made since the last full backup. Thus, each new
differential backup file contains the cumulative effects of all activity since
the last full backup.
9. store all files that have been modified since the time of the most recent full
backup. Only files that have the archive bit turned on, enabled, or set to 1 are
duplicated. However, unlike full and incremental backups, the differential
backup process does not change the archive bit.
10.Electronic Vaulting - ANSWER A storage scenario in which database
backups are transferred to a remote site in a bulk transfer fashion. The
remote location may be a dedicated alternative recovery site (such as a hot
site) or simply an offsite location managed within the company or by a
contractor for the purpose of maintaining backup data
11.full backup - ANSWER A complete copy of data contained on the protected
device on the backup media.
,12.Full-interruption tests - ANSWER operate like parallel tests, but they
involve actually shutting down operations at the primary site and shifting
them to the recovery site.
13.Tangible assets - ANSWER include hardware and software assets owned by
the company.
14.Intangible assets - ANSWER include patents, copyrights, a company's
reputation, and other assets representing potential revenue.
15.Software as a Service (SaaS) - ANSWER models provide fully functional
applications typically accessible via a web browser.
16.The vendor (Google in this example) is responsible for all maintenance of
the SaaS services. Customers do not manage or control any of the cloud-
based assets.
17.Platform as a Service (PaaS) - ANSWER provide consumers with a
computing platform, including hardware, operating systems, and a runtime
environment. The runtime environment includes programming languages,
libraries, services, and other tools supported by the vendor. Customers
deploy applications that they've created or acquired, manage their
applications, and possibly modify some configuration settings on the host.
However, the vendor is responsible for maintenance of the host and the
underlying cloud infrastructure.
, 18.Infrastructure as a Service (IaaS) - ANSWER provide basic computing
resources to customers. This includes servers, storage, and networking
resources. Customers install operating systems and applications and perform
all required maintenance on the operating systems and applications. The
vendor maintains the cloud-based infrastructure, ensuring that consumers
have access to leased systems.
19.A combined mail server and calendaring server environment contains no
secure sockets layer (SSL) certificate.
Which security principle of the CIA triad is affected by the lack of an SSL
certificate?
A Confidentiality
B Integrity
C Authentication
D Availability - ANSWER A
20.A company does not have a disaster recovery plan (DRP) and suffers a
multiday power outage.
Which provisioning should the company perform to provide stable power for
a long period of time?
A Purchase generators
B Purchase additional servers
C Create a RAID array
Cybersecurity Management II Tactical
ACTUAL EXAM STUDY GUIDE 2026 COMPLETE
QUESTIONS WITH CORRECT DETAILED
ANSWERS ||
100% GUARANTEED PASS
<RECENT VERSION>
1. Common Vulnerabilities and Exposures (CVE) - ANSWER Provides a
naming system for describing security vulnerabilities.
2. Common Vulnerability Scoring System (CVSS) - ANSWER provides a
standardized scoring system for describing the severity of security
vulnerabilities.
3. Common Configuration Enumeration (CCE) - ANSWER provides a naming
system for system configuration issues.
4. Common Platform Enumeration (CPE) - ANSWER provides a naming
system for operating systems, applications, and devices.
5. Extensible Configuration Checklist Description Format (XCCDF) -
ANSWER provides a language for specifying security checklists.
,6. Open Vulnerability and Assessment Language (OVAL) - ANSWER
provides a language for describing security testing procedures.
7. Vulnerability scans - ANSWER automatically probe systems, applications,
and networks, looking for weaknesses that may be exploited by an attacker.
8. differential backup - ANSWER A type of partial backup that involves
copying all changes made since the last full backup. Thus, each new
differential backup file contains the cumulative effects of all activity since
the last full backup.
9. store all files that have been modified since the time of the most recent full
backup. Only files that have the archive bit turned on, enabled, or set to 1 are
duplicated. However, unlike full and incremental backups, the differential
backup process does not change the archive bit.
10.Electronic Vaulting - ANSWER A storage scenario in which database
backups are transferred to a remote site in a bulk transfer fashion. The
remote location may be a dedicated alternative recovery site (such as a hot
site) or simply an offsite location managed within the company or by a
contractor for the purpose of maintaining backup data
11.full backup - ANSWER A complete copy of data contained on the protected
device on the backup media.
,12.Full-interruption tests - ANSWER operate like parallel tests, but they
involve actually shutting down operations at the primary site and shifting
them to the recovery site.
13.Tangible assets - ANSWER include hardware and software assets owned by
the company.
14.Intangible assets - ANSWER include patents, copyrights, a company's
reputation, and other assets representing potential revenue.
15.Software as a Service (SaaS) - ANSWER models provide fully functional
applications typically accessible via a web browser.
16.The vendor (Google in this example) is responsible for all maintenance of
the SaaS services. Customers do not manage or control any of the cloud-
based assets.
17.Platform as a Service (PaaS) - ANSWER provide consumers with a
computing platform, including hardware, operating systems, and a runtime
environment. The runtime environment includes programming languages,
libraries, services, and other tools supported by the vendor. Customers
deploy applications that they've created or acquired, manage their
applications, and possibly modify some configuration settings on the host.
However, the vendor is responsible for maintenance of the host and the
underlying cloud infrastructure.
, 18.Infrastructure as a Service (IaaS) - ANSWER provide basic computing
resources to customers. This includes servers, storage, and networking
resources. Customers install operating systems and applications and perform
all required maintenance on the operating systems and applications. The
vendor maintains the cloud-based infrastructure, ensuring that consumers
have access to leased systems.
19.A combined mail server and calendaring server environment contains no
secure sockets layer (SSL) certificate.
Which security principle of the CIA triad is affected by the lack of an SSL
certificate?
A Confidentiality
B Integrity
C Authentication
D Availability - ANSWER A
20.A company does not have a disaster recovery plan (DRP) and suffers a
multiday power outage.
Which provisioning should the company perform to provide stable power for
a long period of time?
A Purchase generators
B Purchase additional servers
C Create a RAID array
