Exam with Questions and Verified Rationalized Answers
Updated 2025/2026
1. CIA Triad:
Confidential - allowing only those authorized to access the data requested
Integrity - keeping data unaltered in an unauthorized manner and reliable
Availability - the ability for those authorized to access data when needed
2. Parkerian Hexad: Confidentiality, Integrity, Availability
Possession - physical disposition of the media on which the data is stored
Authenticity - allows us to talk about the proper attribution as to the owner or creator of the data in question
Utility - how useful the data is to us
3. Attack Types: Interception, Interruption, Modification, Fabrication
4. Interception: an attacker has access to data, applications or environment
5. Interruption: attacks cause our assets to become unusable or unavailable
6. Modification: attacks involve tampering with our asset
7. Fabrication: attacks that create false information
8. Threat: something that has potential to cause harm
9. Vulnerability: weaknesses that can be used to harm us
10. Something you know: username, password, PIN
11. Something you have: ID badge, swipe card, OTP
12. Something you are: fingerprint, iris, retina scan
13. Somewhere you are: geolocation
14. Something you do: handwriting, typing, walking
15. Authentication: verifying that a person is who they claim to be
16. Mutual authentication: Both parties in a transaction to authenticate each other
- Has digital certificates
- Prevents man in the middle attacks
- The man in the middle is where the attacker inserts themselves into the traffic flow
- Ex. Both the PC and server authenticate each other before data is sent in either direction
17. Risk management process:
   1. Identify Asset - identifying and categorizing assets that we're protecting
   2. Identify Threats - identify threats
   3. Assess Vulnerabilities - look for impacts
   4. Assess Risk - assess the risk overall
   5. Mitigate Risk - ensure that a given type of threat is accounted for
18. Incident response process: Preparation, Detection and Analysis, Identification