1
WGU
WGU C836 EXAM QUESTIONS AND ANSWE
U U U U U
RS UPDATED (2024/2025) (VERIFIED AN
U U U U
SWERS)
tailgating (piggybacking) -
u u
u ANS ✓a method by which a person follows directly behind another person who a
u u u u u u u u u u u u u
uthenticates to the physical access control measure, thus allowing the follower to
u u u u u u u u u u u u
gain access without authenticating
u u u
network usage - u u
u ANS ✓a security awareness issue that involves educating users about security iss
u u u u u u u u u u u
ues around connecting devices to networks, such as connecting outside devices to
u u u u u u u u u u u
the corporate network, and connecting corporate resources to a public network
u u u u u u u u u u u
malware - u
u ANS ✓a security awareness issue that involves educating users about malicious s
u u u u u u u u u u u
oftware and how to avoid it
u u u u u
WGU C836
u
, 2
WGU
use of personal equipment -
u u u u
ANS ✓security awareness issue that is concerned with protecting a company's as
u u u u u u u u u u u u
sets
clean desk policy - u u u
ANS ✓a security awareness issue that requires users to protect sensitive informa
u u u u u u u u u u u u
tion at all times, even when away from one's desk
u u u u u u u u u
policy and regulatory knowledge -
u u u u
ANS ✓a security awareness issue that is necessary to maintain compliance throu
u u u u u u u u u u u u
ghout the organization
u u
SATE (Security Awareness, Training and Education) -
u u u u u u
ANS ✓a program that seeks to make users aware of the risk they are accepting th
u u u u u u u u u u u u u u u u
rough their current actions and attempts to change their behavior through target
u u u u u u u u u u u
ed efforts
u
OPSEC
(Operations Security) - ANS ✓the process we use to protect our information
u u u u u u u u u u u
WGU C836u
, 3
WGU
Sun Tzu - u u
u ANS ✓A Chinese military general from 6th century BC who wrote The Art of War,
u u u u u u u u u u u u u u
a text that shows early examples of operations security principles
u u u u u u u u u u
Purple Dragon - u u
u ANS ✓The codename of a study conducted to discover the cause of an informatio
u u u u u u u u u u u u u
n leak during the Vietnam War; is now a symbol of OPSEC
u u u u u u u u u u u
competitive intelligence - u u
u ANS ✓the process of intelligence gathering and analysis in order to support busi
u u u u u u u u u u u u
ness decisions
u
5 steps of the operations security process -
u u u u u u u
u ANS ✓1.Identification of critical information
u u u u
2.Analysis of threats u u
3.Analysis of vulnerabilities
u u
4.Assessment of risks u u
5.Application of countermeasures u u
If you don't know the threat, how do you know what to protect? -
u u u u u u u u u u u u u
u ANS ✓The 1st Law of Haas' Laws of Operations Security
u u u u u u u u u
WGU C836 u
, 4
WGU
If you don't know what to protect, how do you know you are protecting it? -
u u u u u u u u u u u u u u u
u ANS ✓The 2nd Law of Haas' Laws of Operations Security
u u u u u u u u u
If you are not protecting it, the dragon wins! -
u u u u u u u u u
u ANS ✓The 3rd Law of Haas' Laws of Operations Security
u u u u u u u u u
cloud computing - u u
u ANS ✓services that are hosted, often over the Internet, for the purposes of delive
u u u u u u u u u u u u u
ring easily scaled computing services or resources
u u u u u u
identification of critical information - u u u u
u ANS ✓1st step in the OPSEC process, arguably the most important: to identify the
u u u u u u u u u u u u u
assets that most need protection and will cause us the most harm if exposed
u u u u u u u u u u u u u u
analysis of threats - u u u
u ANS ✓2nd step in the OPSEC process: to look at the potential harm or financial i
u u u u u u u u u u u u u u u
mpact that might be caused by critical information being exposed, and who might
u u u u u u u u u u u u
exploit that exposure
u u u
analysis of vulnerabilities - u u u
u ANS ✓3rd step in the OPSEC process: to look at the weaknesses that can be used
u u u u u u u u u u u u u u u u
to harm us
u u
WGU C836 u
WGU
WGU C836 EXAM QUESTIONS AND ANSWE
U U U U U
RS UPDATED (2024/2025) (VERIFIED AN
U U U U
SWERS)
tailgating (piggybacking) -
u u
u ANS ✓a method by which a person follows directly behind another person who a
u u u u u u u u u u u u u
uthenticates to the physical access control measure, thus allowing the follower to
u u u u u u u u u u u u
gain access without authenticating
u u u
network usage - u u
u ANS ✓a security awareness issue that involves educating users about security iss
u u u u u u u u u u u
ues around connecting devices to networks, such as connecting outside devices to
u u u u u u u u u u u
the corporate network, and connecting corporate resources to a public network
u u u u u u u u u u u
malware - u
u ANS ✓a security awareness issue that involves educating users about malicious s
u u u u u u u u u u u
oftware and how to avoid it
u u u u u
WGU C836
u
, 2
WGU
use of personal equipment -
u u u u
ANS ✓security awareness issue that is concerned with protecting a company's as
u u u u u u u u u u u u
sets
clean desk policy - u u u
ANS ✓a security awareness issue that requires users to protect sensitive informa
u u u u u u u u u u u u
tion at all times, even when away from one's desk
u u u u u u u u u
policy and regulatory knowledge -
u u u u
ANS ✓a security awareness issue that is necessary to maintain compliance throu
u u u u u u u u u u u u
ghout the organization
u u
SATE (Security Awareness, Training and Education) -
u u u u u u
ANS ✓a program that seeks to make users aware of the risk they are accepting th
u u u u u u u u u u u u u u u u
rough their current actions and attempts to change their behavior through target
u u u u u u u u u u u
ed efforts
u
OPSEC
(Operations Security) - ANS ✓the process we use to protect our information
u u u u u u u u u u u
WGU C836u
, 3
WGU
Sun Tzu - u u
u ANS ✓A Chinese military general from 6th century BC who wrote The Art of War,
u u u u u u u u u u u u u u
a text that shows early examples of operations security principles
u u u u u u u u u u
Purple Dragon - u u
u ANS ✓The codename of a study conducted to discover the cause of an informatio
u u u u u u u u u u u u u
n leak during the Vietnam War; is now a symbol of OPSEC
u u u u u u u u u u u
competitive intelligence - u u
u ANS ✓the process of intelligence gathering and analysis in order to support busi
u u u u u u u u u u u u
ness decisions
u
5 steps of the operations security process -
u u u u u u u
u ANS ✓1.Identification of critical information
u u u u
2.Analysis of threats u u
3.Analysis of vulnerabilities
u u
4.Assessment of risks u u
5.Application of countermeasures u u
If you don't know the threat, how do you know what to protect? -
u u u u u u u u u u u u u
u ANS ✓The 1st Law of Haas' Laws of Operations Security
u u u u u u u u u
WGU C836 u
, 4
WGU
If you don't know what to protect, how do you know you are protecting it? -
u u u u u u u u u u u u u u u
u ANS ✓The 2nd Law of Haas' Laws of Operations Security
u u u u u u u u u
If you are not protecting it, the dragon wins! -
u u u u u u u u u
u ANS ✓The 3rd Law of Haas' Laws of Operations Security
u u u u u u u u u
cloud computing - u u
u ANS ✓services that are hosted, often over the Internet, for the purposes of delive
u u u u u u u u u u u u u
ring easily scaled computing services or resources
u u u u u u
identification of critical information - u u u u
u ANS ✓1st step in the OPSEC process, arguably the most important: to identify the
u u u u u u u u u u u u u
assets that most need protection and will cause us the most harm if exposed
u u u u u u u u u u u u u u
analysis of threats - u u u
u ANS ✓2nd step in the OPSEC process: to look at the potential harm or financial i
u u u u u u u u u u u u u u u
mpact that might be caused by critical information being exposed, and who might
u u u u u u u u u u u u
exploit that exposure
u u u
analysis of vulnerabilities - u u u
u ANS ✓3rd step in the OPSEC process: to look at the weaknesses that can be used
u u u u u u u u u u u u u u u u
to harm us
u u
WGU C836 u
