WGU Course C836 - Fundamentals of Information Security QUESTIONS WITH ANSWERS

WGU Course C836 - Fundamentals of
|\ |\ |\ |\ |\ |\




Information Security QUESTIONS WITH |\ |\ |\ |\




ANSWERS

Which cybersecurity term is defined as the potential for an attack on a
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\



resource?



A Impact
|\




B Vulnerability
|\




C Risk
|\




D Threat - CORRECT ANSWERS ✔✔D
|\ |\ |\ |\ |\




Which security type deliberately exposes a system's vulnerabilities or
|\ |\ |\ |\ |\ |\ |\ |\ |\



resources to an attacker?
|\ |\ |\




A Intrusion detection
|\ |\




B Firewalls
|\




C Honeypots
|\




D Intrusion prevention - CORRECT ANSWERS ✔✔C
|\ |\ |\ |\ |\ |\




Which tool can be used to map devices on a network, along with their
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\



operating system types and versions?
|\ |\ |\ |\

,A Packet sniffer
|\ |\




B Packet filter
|\ |\




C Port scanner
|\ |\




D Stateful firewall - CORRECT ANSWERS ✔✔C
|\ |\ |\ |\ |\ |\




Which web attack is a server-side attack?
|\ |\ |\ |\ |\ |\




A Clickjacking
|\




B Cross-site scripting
|\ |\




C SQL injection
|\ |\




D Cross-site request forgery - CORRECT ANSWERS ✔✔C
|\ |\ |\ |\ |\ |\ |\




An organization employs a VPN to safeguard its information.
|\ |\ |\ |\ |\ |\ |\ |\ |\




Which security principle is protected by a VPN?
|\ |\ |\ |\ |\ |\ |\




A Data in motion
|\ |\ |\




B Data at rest
|\ |\ |\




C Data in use
|\ |\ |\




D Data in storage - CORRECT ANSWERS ✔✔A
|\ |\ |\ |\ |\ |\ |\




A malicious hacker was successful in a denial of service (DoS) attack against
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\



an institution's mail server. Fortunately, no data was lost or altered while the
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\



server was offline.
|\ |\ |\


|\

,Which type of attack is this?
|\ |\ |\ |\ |\


|\



A Modification
|\




B Fabrication
|\




C Interception
|\




D Interruption - CORRECT ANSWERS ✔✔D
|\ |\ |\ |\ |\




A company has had several successful denial of service (DoS) attacks on its
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\



email server. |\


|\



Which security principle is being attacked?
|\ |\ |\ |\ |\




A Possession
|\




B Integrity
|\




C Confidentiality
|\




D Availability - CORRECT ANSWERS ✔✔D
|\ |\ |\ |\ |\




A new start-up company has started working on a social networking website.
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\



The company has moved all its source code to a cloud provider and wants to
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\



protect this source code from unauthorized access.
|\ |\ |\ |\ |\ |\ |\


|\



Which cyber defense concept should the start-up company use to maintain
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\



the confidentiality of its source code?
|\ |\ |\ |\ |\


|\



A Alarm systems
|\ |\




B Account permissions
|\ |\

, C Antivirus software
|\ |\




D File encryption - CORRECT ANSWERS ✔✔D
|\ |\ |\ |\ |\ |\




A company has an annual audit of installed software and data storage
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\



systems. During the audit, the auditor asks how the company's most critical
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\



data is used. This determination helps the auditor ensure that the proper
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\



defense mechanisms are in place to protect critical data.
|\ |\ |\ |\ |\ |\ |\ |\


|\



Which principle of the Parkerian hexad is the auditor addressing?
|\ |\ |\ |\ |\ |\ |\ |\ |\




A Possession
|\




B Integrity
|\




C Authenticity
|\




D Utility - CORRECT ANSWERS ✔✔D
|\ |\ |\ |\ |\




Which web attack is possible due to a lack of input validation?
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\


|\



A Extraneous files
|\ |\




B Clickjacking
|\




C SQL injection
|\ |\




D Cross-site request forgery - CORRECT ANSWERS ✔✔C
|\ |\ |\ |\ |\ |\ |\




Which file action implements the principle of confidentiality from the CIA
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\



triad?
|\