FINAL EXAM REVIEW QUESTIONS & ANSWERS (RATED A+)
The Fabrication attack type most commonly affects which principle(s) of the CIA
triad?
A. Availability
B. Integrity
C. Confidentiality
D. Integrity and Availability
E. Confidentiality and Integrity - ANSWER: Integrity and Availability
The Interception attack type most commonly affects which principle(s) of the CIA
triad?
A. Integrity and Availability
B. Confidentiality and Integrity
C. Availability
D. Integrity
E. Confidentiality - ANSWER: Confidentiality
Something that has the potential to cause harm to our assets is known as a(n)
________.
A. Threat
B. Impact
C. Risk
D. Vulnerability - ANSWER: Threat
Controls that protect the systems, networks, and environments that process,
transmit, and store our data are called _______.
A. Logical controls
B. Administrative controls
C. Physical controls - ANSWER: Logical Control
What is the first and arguably one of the most important steps of the risk
management process?
A. Assess risks
B. Mitigate risks
C. Identify threats
D. Assess vulnerabilities
E. Identify assets - ANSWER: Identify assets
Protects information and information systems from unauthorized access, use,
disclosure, disruption, modification, or destruction - ANSWER: information security
A type of attack, primarily against confidentiality - ANSWER: Interception
Something that has the potential to cause harm to our assets - ANSWER: Threat
A weakness that can be used to harm us - ANSWER: Vulnerability
The likelihood that something bad will happen - ANSWER: Risk
An attack that involves tampering with our assets - ANSWER: Modification attack
A model that adds three more principles to the CIA triad: possession or control,
utility, and authenticity - ANSWER: Parkerian hexad
The physical disposition of the media on which the data is stored -
ANSWER: Possession or control
An attack that involves generating data, processes, communications, or other similar
activities with a system - ANSWER: Fabrication attack
A multilayered defense that will allow us to achieve a successful defense should one
or more of our defensive measures fail - ANSWER: Defense in depth
Sometimes called technical controls, these protect the systems, networks, and
environments that process, transmit, and store our data - ANSWER: Logical controls
Controls that protect the physical environment in which our systems sit, or where our
data is stored - ANSWER: Physical controls
The risk management phase that consists of all of the activities that we can perform
in advance of the incident itself, in order to better enable us to handle it -
ANSWER: Preparation phase
The risk management phase where we detect the occurrence of an issue and decide
whether it is actually an incident so that we can respond to it appropriately -
ANSWER: Detection and analysis phase
The biometric characteristic that measures how well a factor resists change over
time and with advancing age is called __________.
A. Collectability
B. Acceptability
C. Universality
D. Uniqueness
E. Permanence - ANSWER: E. Permanence
What type of authentication can prevent a man-in-the-middle attack?
A. Multifactor
B. Mutual
C. Something you know
D. Something you are
E. Something you do - ANSWER: B. Mutual
An authentication mechanism in which both parties authenticate each other -
ANSWER: Mutual authentication
Describes the ease with which a system can be tricked by a falsified biometric
identifier - ANSWER: Circumvention
A user who creates a network share and sets permissions on that share is employing
which model of access control?
A. Mandatory access control
B. Discretionary access control
C. Attribute-based access control
D. Role-based access control - ANSWER: Discretionary access control
What type of access control can prevent the confused deputy problem?
A. ACLs
B. A password policy
C. Capability-based security
D. A locked door - ANSWER: Capability-based security
Confidential Services Inc. is a military-support branch consisting of 1,400 computers
with Internet access and 250 servers. All employees are required to have security
clearances. From the options listed below, what access control model would be most
appropriate for this organization?
A. Discretionary access control
B. Role-based access control
C. Attribute-based access control
D. Mandatory access control - ANSWER: D. Mandatory access control
A VPN connection that is set to time out after 24 hours is demonstrating which model
of access control?
A. Mandatory access control
B. Role-based access control
C. Attribute-based access control
D. Discretionary access control - ANSWER: Attribute-based access control