WGU D430 FUNDAMENTALS OF
INFORMATION SECURITY EXAM
OBJECTIVE ASSESSMENT NEWEST
2025\2026 TEST BANK ACTUAL EXAM
300 QUESTIONS AND CORRECT
DETAILED ANSWERS (VERIFIED
ANSWERS) |ALREADY GRADED A+ |
LATEST UPDATE
/ Information security - Answer-Keeping data, software, and hardware secure against
unauthorized access, use, disclosure, disruption, modification, or destruction.
/.Compliance - Answer-The requirements that are set forth by laws and industry
regulations. Example : HIPPA/ HITECH- healthcare, PCI/DSS- payment card industry,
FISMA- federal government agencies
/.CIA - Answer-The core model of all information security. Confidential, integrity and
availability
/.Confidential - Answer-Allowing only those authorized to access the data requested
/.integrity - Answer-Keeping data unaltered by accidental or malicious intent
/.Availability - Answer-The ability to access data when needed
/.Parkerian hexad model - Answer-Confidentiality , integrity, availability,
possession/control, authenticity, utility
/.Possession/ control - Answer-Refers to the physical disposition of the media on which
the data is stored
/.authenticity - Answer-Allows us to talk about the proper attribution as to the owner or
creator of the data in question
/.Utility - Answer-How useful the data is to us
/.Types of attacks - Answer-1- interception
,2- interruption
3- modification
4- fabrication
/.Interception - Answer-Attacks allows unauthorized users to access our data,
applications, or environments. Are primarily an attack against confidentiality
/.Interruption - Answer-Attacks cause our assets to become unstable or unavailable for
our use, on a temporary or permanent basis. This attack affects availability but can also
attack integrity
/.Modification - Answer-Attacks involve tampering with our asset. Such attacks might
primarily be considered an integrity attack, but could also be an availability attack.
/.Fabrication - Answer-Attacks involve generating data, processes, communications, or
other similar activities with a system. Attacks primarily affect integrity but can be
considered an availability attack.
/.Risk - Answer-The likelihood that a threat will occur. There must be a threat and
vulnerability
/.Threat - Answer-Any event being man-made, natural or environmental that could
damage the assets
/.Vulnerabilities - Answer-Weakness that a threat event or the threat can take
advantage of
/.Impact - Answer-taking into account the assets cost
/.Controls - Answer-The ways we protect assets. Physical, technical/ logical, and
administrative
/.Physical controls - Answer-Controls are physical items that protect assets. Think of
locks, doors, guards and fences
/.Technical/ logical controls - Answer-Controls are devices and software that protect
assets. Think of firewalls, av, ids, and ips
/.Administrative controls - Answer-Controls are the policies that organizations create for
governance. Ex: email policies
/.risk mamagement - Answer-A constant process as assets are purchased, used and
retired. The general steps are 1- identify assets
2- identify threats
3- assess vulnerabilities
4- assess risk
, 5- mitigating risks
/.Identify assets - Answer-First and most important part or risk management. Identifying
and categorizing the assets we are protecting
/.Identify threats - Answer-Once we have our critical assets we can identify the threats
that might effect them
/.Assess Vulnerabilities - Answer-Look at potential threats. any given asset may have
thousand or millions of threats that could impact it, but only a small fraction of the
threats will be relevant
/.Assess risks - Answer-Once we have identified the threats and vulnerabilities for a
given asset we can access the overall risk
/.Mitigating risks - Answer-Putting measures in place to help ensure that a given type of
threat is accounted for
/.Incident response - Answer-Response to when risk management practices have failed
and have cause an inconvenience to a disastrous event
/.Incident response cycle - Answer-1 preparation
2- detection and analysis
3- containment
4- eradication
5- recovery
6- post incident activity
/.Preparation phase - Answer-The preparation phase consists of all of the activities that
we can preform in advance of the incident itself in order to better enable us to handle it
/.Detection and analysis phase - Answer-Where the action begins to happen. We will
detect the occurrence of an issue and decide whether or not it is actually an incident so
that we can respond
/.Containment phase - Answer-Taking steps to ensure that the situation does not cause
any more damage than it already has, or to at least lessen any ongoing harm.
/.Eradication phase - Answer-We will attempt to remove the effects of the issue from our
environment
/.Recovery phase - Answer-Recover to a better state that we were prior to the incident
or perhaps prior to when the issue started if we did not detect it immediately
/.Post incident activity phase - Answer-We attempt to determine specifically what
happened, why it happened, and what we can do to keep it from happening again.
INFORMATION SECURITY EXAM
OBJECTIVE ASSESSMENT NEWEST
2025\2026 TEST BANK ACTUAL EXAM
300 QUESTIONS AND CORRECT
DETAILED ANSWERS (VERIFIED
ANSWERS) |ALREADY GRADED A+ |
LATEST UPDATE
/ Information security - Answer-Keeping data, software, and hardware secure against
unauthorized access, use, disclosure, disruption, modification, or destruction.
/.Compliance - Answer-The requirements that are set forth by laws and industry
regulations. Example : HIPPA/ HITECH- healthcare, PCI/DSS- payment card industry,
FISMA- federal government agencies
/.CIA - Answer-The core model of all information security. Confidential, integrity and
availability
/.Confidential - Answer-Allowing only those authorized to access the data requested
/.integrity - Answer-Keeping data unaltered by accidental or malicious intent
/.Availability - Answer-The ability to access data when needed
/.Parkerian hexad model - Answer-Confidentiality , integrity, availability,
possession/control, authenticity, utility
/.Possession/ control - Answer-Refers to the physical disposition of the media on which
the data is stored
/.authenticity - Answer-Allows us to talk about the proper attribution as to the owner or
creator of the data in question
/.Utility - Answer-How useful the data is to us
/.Types of attacks - Answer-1- interception
,2- interruption
3- modification
4- fabrication
/.Interception - Answer-Attacks allows unauthorized users to access our data,
applications, or environments. Are primarily an attack against confidentiality
/.Interruption - Answer-Attacks cause our assets to become unstable or unavailable for
our use, on a temporary or permanent basis. This attack affects availability but can also
attack integrity
/.Modification - Answer-Attacks involve tampering with our asset. Such attacks might
primarily be considered an integrity attack, but could also be an availability attack.
/.Fabrication - Answer-Attacks involve generating data, processes, communications, or
other similar activities with a system. Attacks primarily affect integrity but can be
considered an availability attack.
/.Risk - Answer-The likelihood that a threat will occur. There must be a threat and
vulnerability
/.Threat - Answer-Any event being man-made, natural or environmental that could
damage the assets
/.Vulnerabilities - Answer-Weakness that a threat event or the threat can take
advantage of
/.Impact - Answer-taking into account the assets cost
/.Controls - Answer-The ways we protect assets. Physical, technical/ logical, and
administrative
/.Physical controls - Answer-Controls are physical items that protect assets. Think of
locks, doors, guards and fences
/.Technical/ logical controls - Answer-Controls are devices and software that protect
assets. Think of firewalls, av, ids, and ips
/.Administrative controls - Answer-Controls are the policies that organizations create for
governance. Ex: email policies
/.risk mamagement - Answer-A constant process as assets are purchased, used and
retired. The general steps are 1- identify assets
2- identify threats
3- assess vulnerabilities
4- assess risk
, 5- mitigating risks
/.Identify assets - Answer-First and most important part or risk management. Identifying
and categorizing the assets we are protecting
/.Identify threats - Answer-Once we have our critical assets we can identify the threats
that might effect them
/.Assess Vulnerabilities - Answer-Look at potential threats. any given asset may have
thousand or millions of threats that could impact it, but only a small fraction of the
threats will be relevant
/.Assess risks - Answer-Once we have identified the threats and vulnerabilities for a
given asset we can access the overall risk
/.Mitigating risks - Answer-Putting measures in place to help ensure that a given type of
threat is accounted for
/.Incident response - Answer-Response to when risk management practices have failed
and have cause an inconvenience to a disastrous event
/.Incident response cycle - Answer-1 preparation
2- detection and analysis
3- containment
4- eradication
5- recovery
6- post incident activity
/.Preparation phase - Answer-The preparation phase consists of all of the activities that
we can preform in advance of the incident itself in order to better enable us to handle it
/.Detection and analysis phase - Answer-Where the action begins to happen. We will
detect the occurrence of an issue and decide whether or not it is actually an incident so
that we can respond
/.Containment phase - Answer-Taking steps to ensure that the situation does not cause
any more damage than it already has, or to at least lessen any ongoing harm.
/.Eradication phase - Answer-We will attempt to remove the effects of the issue from our
environment
/.Recovery phase - Answer-Recover to a better state that we were prior to the incident
or perhaps prior to when the issue started if we did not detect it immediately
/.Post incident activity phase - Answer-We attempt to determine specifically what
happened, why it happened, and what we can do to keep it from happening again.
