Management Comprehensive Resource To Help You Ace
2026-2027 Includes Frequently Tested Questions With
ELABORATED 100% Correct COMPLETE SOLUTIONS
1. What is the risk management process? - ANSWER Identify Assets-
identifying and categorizing assets that we're protecting
Identify Threats- identify threats
Assess Vulnerabilities- look for impacts
Assess Risks- assess the risk overall
Mitigate Risk- ensure that a given type of threat is accounted for.
2. Incident response process: - ANSWER Preparation- the activities that we
can perform, in advance of the incident itself, in order to better enable us
to handle it.
Detection and Analysis (Identification)- detect the occurrence of an issue and
decide whether or not it is actually an incident, so that we can respond
appropriately
Containment- involves taking steps to ensure that the situation does not cause any
more damage than it already has, or to at least lessen any ongoing harm
Eradication- attempt to remove the effects of the issue from our environment
Recovery- restoring devices or data to pre-incident state (rebuilding systems,
reloading applications, backup media, etc.)
Post-incident activity- determine specifically what happened, why it happened,
and what we can do to keep it from happening again.
3. Authorization - ANSWER what the user can access, modify, delete
4. Least privilege - ANSWER giving the bare minimum level of access it
needs to perform its job/functionality
5. What makes Access Control - ANSWER Allowing- lets us give a
particular party access to a given source
Denying- opposite of gaining access
Limiting- allowing some access to our resource, only up to a certain point
Revoking- takes access away from former user
Access Control List- info about what kind of access certain parties are allowed to
have to a given system
Network ACL- filter access rules for incoming and outgoing network transactions,
such as Internet Protocol (IP) Addresses, Media Access Control (MAC) addresses,
and ports
6. Discretionary (DAC) *Access Control Models - ANSWER owner of
resources determines who gets access and what level of
7. Mandatory (MAC) *Access Control Models - ANSWER separate group or
individual (from owner) has the authority to set access to resources
8. Rule-based *Access Control Models - ANSWER allows access according
to a set of rules defined by the system administrator
9. Role-based (RBAC) *Access Control Models - ANSWER functions access
controls set by an authority responsible for doing so, rather than by the
owner of the resource
10. Attribute-based (ABAC) *Access Control Models - ANSWER based on
attributes, such as those of a person, resource, or an environment
11. Accountability *Access Control Models - ANSWER refers to making sure
that a person is responsible for their actions. It provides us with the means
to trace activities in our environment back to their source.
12. Nonrepudiation *Access Control Models - ANSWER a situation in which
sufficient evidence exists as to prevent an individual from successfully
denying that he or she has made a statement or taken an action
13. Intrusion detection (IDSes) *Access Control Models - ANSWER monitors
and reports malicious events
14. Intrusion prevention (IPSes) *Access Control Models - ANSWER takes
actions when malicious events occur
15. Auditing *Access Control Models - ANSWER the examination and
review of an organization's records to ensure accountability through
technical means
16. Penetration testing *Access Control Models - ANSWER mimicking, as
closely as possible, the techniques an actual attack would use
17. Cryptography - ANSWER the practice of keeping information secure
through the use of codes and ciphers
18. Symmetric cryptography - ANSWER encryption that uses a single key to
encrypt and decrypt a message (aka private key cryptography)
19. Block Cipher - ANSWER Takes a predetermined number of bits, known
as a block, in the plaintext message and encrypts that block
20. Stream Cipher - ANSWER Encrypts each bit in the plaintext message, 1
bit at a time
DES (Symmetric key algorithms) - ANSWER a block cipher based on symmetric
key cryptography that uses a 56-bit key. Not that secure anymore.
3DES (Symmetric key Algorithms) - ANSWER DES used to encrypt each block
three times, each with a different key