lOMoARcPSD| 54339004
WGU C836
FUNDAMENTALS OF INFORMATION SECURITY
QUESTIONS AND ANSWERS WITH VERIFIED
SOLUTIONS 100% CORRECT
RATED A+
https://www.stuvia.com/user/LUCIDWISE
, lOMoARcPSD| 54339004
WGU COURSE C836 -
FUNDAMENTALS OF INFORMATION
SECURITY
1. Which cybersecurity term is defined as the potential for
an attack on a resource?
A) Impact
B) Vulnerability
C) Risk
✅ D) Threat
2. Which security type deliberately exposes a system's
vulnerabilities or resources to an attacker?
A) Intrusion detection
B) Firewalls
✅ C) Honeypots
D) Intrusion prevention
3. Which tool can be used to map devices on a network,
along with their operating system types and versions?
A) Packet sniffer
B) Packet filter
✅ C) Port scanner
D) Stateful firewall
4. Which web attack is a server-side attack?
A) Clickjacking
B) Cross-site scripting
✅ C) SQL injection
D) Cross-site request forgery
5. An organization employs a VPN to safeguard its
information. Which security principle is protected by a
VPN?
✅ A) Data in motion
B) Data at rest
https://www.stuvia.com/user/LUCIDWISE
, lOMoARcPSD| 54339004
C) Data in use
D) Data in storage
6. A denial of service (DoS) attack left a mail server offline
with no data loss. Which type of attack is this?
A) Modification
B) Fabrication
C) Interception
✅ D) Interruption
7. A company has had several DoS attacks on its email server.
Which security principle is being attacked?
A) Possession
B) Integrity
C) Confidentiality
✅ D) Availability
8. A startup wants to protect its source code stored in the
cloud. What should it use?
A) Alarm systems
B) Account permissions
C) Antivirus software
✅ D) File encryption
9. During an audit, a question is asked about how critical
data is used. What Parkerian hexad principle is this?
A) Possession
B) Integrity
C) Authenticity
✅ D) Utility
10. Which web attack is possible due to a lack of input
validation?
A) Extraneous files
B) Clickjacking
✅ C) SQL injection
D) Cross-site request forgery
11. Which file action implements the principle of
confidentiality?
A) Compression
B) Hash
https://www.stuvia.com/user/LUCIDWISE
, lOMoARcPSD| 54339004
C) Backup
✅ D) Encryption
12. Which cyber defense concept limits permissions to only
what's necessary?
A) Authentication
B) Authorization
C) Defense in depth
✅ D) Principle of least privilege
13. Company policy: monitors must face away from
doorways. Which CIA triad principle is this?
A) Availability
✅ B) Confidentiality
C) Utility
D) Integrity
At a small company, an employee makes an unauthorized data
alteration.
Which component of the CIA triad has been compromised?
A Confidentiality
B Authenticity
C Integrity
D Availability - ANSWER✔✔ C
An organization plans to encrypt data in transit on a network.
Which aspect of data is the organization attempting to protect?
A Integrity
https://www.stuvia.com/user/LUCIDWISE
WGU C836
FUNDAMENTALS OF INFORMATION SECURITY
QUESTIONS AND ANSWERS WITH VERIFIED
SOLUTIONS 100% CORRECT
RATED A+
https://www.stuvia.com/user/LUCIDWISE
, lOMoARcPSD| 54339004
WGU COURSE C836 -
FUNDAMENTALS OF INFORMATION
SECURITY
1. Which cybersecurity term is defined as the potential for
an attack on a resource?
A) Impact
B) Vulnerability
C) Risk
✅ D) Threat
2. Which security type deliberately exposes a system's
vulnerabilities or resources to an attacker?
A) Intrusion detection
B) Firewalls
✅ C) Honeypots
D) Intrusion prevention
3. Which tool can be used to map devices on a network,
along with their operating system types and versions?
A) Packet sniffer
B) Packet filter
✅ C) Port scanner
D) Stateful firewall
4. Which web attack is a server-side attack?
A) Clickjacking
B) Cross-site scripting
✅ C) SQL injection
D) Cross-site request forgery
5. An organization employs a VPN to safeguard its
information. Which security principle is protected by a
VPN?
✅ A) Data in motion
B) Data at rest
https://www.stuvia.com/user/LUCIDWISE
, lOMoARcPSD| 54339004
C) Data in use
D) Data in storage
6. A denial of service (DoS) attack left a mail server offline
with no data loss. Which type of attack is this?
A) Modification
B) Fabrication
C) Interception
✅ D) Interruption
7. A company has had several DoS attacks on its email server.
Which security principle is being attacked?
A) Possession
B) Integrity
C) Confidentiality
✅ D) Availability
8. A startup wants to protect its source code stored in the
cloud. What should it use?
A) Alarm systems
B) Account permissions
C) Antivirus software
✅ D) File encryption
9. During an audit, a question is asked about how critical
data is used. What Parkerian hexad principle is this?
A) Possession
B) Integrity
C) Authenticity
✅ D) Utility
10. Which web attack is possible due to a lack of input
validation?
A) Extraneous files
B) Clickjacking
✅ C) SQL injection
D) Cross-site request forgery
11. Which file action implements the principle of
confidentiality?
A) Compression
B) Hash
https://www.stuvia.com/user/LUCIDWISE
, lOMoARcPSD| 54339004
C) Backup
✅ D) Encryption
12. Which cyber defense concept limits permissions to only
what's necessary?
A) Authentication
B) Authorization
C) Defense in depth
✅ D) Principle of least privilege
13. Company policy: monitors must face away from
doorways. Which CIA triad principle is this?
A) Availability
✅ B) Confidentiality
C) Utility
D) Integrity
At a small company, an employee makes an unauthorized data
alteration.
Which component of the CIA triad has been compromised?
A Confidentiality
B Authenticity
C Integrity
D Availability - ANSWER✔✔ C
An organization plans to encrypt data in transit on a network.
Which aspect of data is the organization attempting to protect?
A Integrity
https://www.stuvia.com/user/LUCIDWISE
