Page 1 of 150
WGU C836 Fundamentals of Information Security
OA exam (2 VERSIONS) 2026-2027 COMPLETE 400
QUESTIONS AND VERIFIED SOLUTIONS LATEST
UPDATE THIS YEAR
WGU C836 Fundamentals of Information Security OA exam
QUESTION: What is the first and arguably one of the most important steps of the risk
management process?
A.Assess risks
B.Mitigate risks
C.Identify threats
D.Assess vulnerabilities
E.Identify assets - ANSWER-Identify assets
QUESTION: Protects information and information systems from unauthorized access, use,
disclosure, disruption, modification, or destruction - ANSWER-information security
,Page 2 of 150
QUESTION: A type of attack, primarily against confidentiality - ANSWER-Interception
QUESTION: Something that has the potential to cause harm to our assets - ANSWER-Threat
QUESTION: A weakness that can be used to harm us - ANSWER-Vulnerability
QUESTION: The likelihood that something bad will happen - ANSWER-Risk
QUESTION: An attack that involves tampering with our assets - ANSWER-Modification attack
QUESTION: A model that adds three more principles to the CIA triad: possession or control,
utility, and authenticity - ANSWER-Parkerian hexad
QUESTION: The physical disposition of the media on which the data is stored - ANSWER-
Possession or control
,Page 3 of 150
QUESTION: An attack that involves generating data, processes, communications, or other
similar activities with a system - ANSWER-Fabrication attack
QUESTION: A multilayered defense that will allow us to achieve a successful defense should one
or more of our defensive measures fail - ANSWER-Defense in depth
QUESTION: Sometimes called technical controls, these protect the systems, networks, and
environments that process, transmit, and store our data - ANSWER-Logical controls
QUESTION: Controls that protect the physical environment in which our systems sit, or where
our data is stored - ANSWER-Physical controls
QUESTION: The risk management phase that consists of all of the activities that we can perform
in advance of the incident itself, in order to better enable us to handle it - ANSWER-Preparation
phase
, Page 4 of 150
QUESTION: The risk management phase where we detect the occurrence of an issue and decide
whether it is actually an incident so that we can respond to it appropriately - ANSWER-
Detection and analysis phase
QUESTION: The biometric characteristic that measures how well a factor resists change over
time and with advancing age is called __________.
A. Collectability
B. Acceptability
C.Universality
D.Uniqueness
E.Permanence - ANSWER-E.Permanence
QUESTION: What type of authentication can prevent a man-in-the-middle attack? This task
contains the radio buttons and checkboxes for options.
A.Multifactor
WGU C836 Fundamentals of Information Security
OA exam (2 VERSIONS) 2026-2027 COMPLETE 400
QUESTIONS AND VERIFIED SOLUTIONS LATEST
UPDATE THIS YEAR
WGU C836 Fundamentals of Information Security OA exam
QUESTION: What is the first and arguably one of the most important steps of the risk
management process?
A.Assess risks
B.Mitigate risks
C.Identify threats
D.Assess vulnerabilities
E.Identify assets - ANSWER-Identify assets
QUESTION: Protects information and information systems from unauthorized access, use,
disclosure, disruption, modification, or destruction - ANSWER-information security
,Page 2 of 150
QUESTION: A type of attack, primarily against confidentiality - ANSWER-Interception
QUESTION: Something that has the potential to cause harm to our assets - ANSWER-Threat
QUESTION: A weakness that can be used to harm us - ANSWER-Vulnerability
QUESTION: The likelihood that something bad will happen - ANSWER-Risk
QUESTION: An attack that involves tampering with our assets - ANSWER-Modification attack
QUESTION: A model that adds three more principles to the CIA triad: possession or control,
utility, and authenticity - ANSWER-Parkerian hexad
QUESTION: The physical disposition of the media on which the data is stored - ANSWER-
Possession or control
,Page 3 of 150
QUESTION: An attack that involves generating data, processes, communications, or other
similar activities with a system - ANSWER-Fabrication attack
QUESTION: A multilayered defense that will allow us to achieve a successful defense should one
or more of our defensive measures fail - ANSWER-Defense in depth
QUESTION: Sometimes called technical controls, these protect the systems, networks, and
environments that process, transmit, and store our data - ANSWER-Logical controls
QUESTION: Controls that protect the physical environment in which our systems sit, or where
our data is stored - ANSWER-Physical controls
QUESTION: The risk management phase that consists of all of the activities that we can perform
in advance of the incident itself, in order to better enable us to handle it - ANSWER-Preparation
phase
, Page 4 of 150
QUESTION: The risk management phase where we detect the occurrence of an issue and decide
whether it is actually an incident so that we can respond to it appropriately - ANSWER-
Detection and analysis phase
QUESTION: The biometric characteristic that measures how well a factor resists change over
time and with advancing age is called __________.
A. Collectability
B. Acceptability
C.Universality
D.Uniqueness
E.Permanence - ANSWER-E.Permanence
QUESTION: What type of authentication can prevent a man-in-the-middle attack? This task
contains the radio buttons and checkboxes for options.
A.Multifactor
