WGU, Information Security and
Assurance (C725), SET III Exam 2026
Questions and Answers 100% Pass
Guaranteed
A job title: Have access to information resources in accordance with the owner-
defined controls and access rules. - Correct answer-Users
One purpose of a security awareness program is to modify which of the following?
A. Employees' attitudes and behaviors
B. Management's approach
C. Attitudes of employees toward sensitive data
D. Corporate attitudes about safeguarding data - Correct answer-A. Employees'
attitudes and behaviors
©COPYRIGHT 2025, ALL RIGHTS RESERVE 1
,Explanation:
Because people are the weakest link in any security-related process, it's crucial that
a security program address user education, awareness, and training on policies and
procedures that affect them.
The totality of protection mechanisms within a computer system, including
hardware, firmware, and software. It consists of one or more components that
together enforce a unified security policy over a product or system - Correct
answer-Trusted Computing Base (TCB)
A software model that mediates all access from any subject (user or other device)
to any object (resource, data, and so forth);
it cannot be bypassed.It mediates accesses to objects by subjects. In principle, it
should be:
Complete, to mediate every access
©COPYRIGHT 2025, ALL RIGHTS RESERVE 2
, Isolated from modification by other system entities (objects and processes)
Verifiable, doing only what it's programmed to do and not being susceptible to
circumvention by malicious acts or programmer error - Correct answer-reference
monitor
a.k.a. abstract machine
Implementation of a reference monitor for a specific hardware base, such as Sun
Solaris, Red Hat Linux, or Mac OS X. - Correct answer-security kernel
The TCB, reference monitor, and security kernel are essential for military- and
government-grade information technology (IT) security to prevent unauthorized
access or threats to the integrity of programs, operating systems, or data.
T or F
In "The ring of trust" Trust in a system moves from the outside to the inside in a
unidirectional mode. - Correct answer-True
©COPYRIGHT 2025, ALL RIGHTS RESERVE 3
Assurance (C725), SET III Exam 2026
Questions and Answers 100% Pass
Guaranteed
A job title: Have access to information resources in accordance with the owner-
defined controls and access rules. - Correct answer-Users
One purpose of a security awareness program is to modify which of the following?
A. Employees' attitudes and behaviors
B. Management's approach
C. Attitudes of employees toward sensitive data
D. Corporate attitudes about safeguarding data - Correct answer-A. Employees'
attitudes and behaviors
©COPYRIGHT 2025, ALL RIGHTS RESERVE 1
,Explanation:
Because people are the weakest link in any security-related process, it's crucial that
a security program address user education, awareness, and training on policies and
procedures that affect them.
The totality of protection mechanisms within a computer system, including
hardware, firmware, and software. It consists of one or more components that
together enforce a unified security policy over a product or system - Correct
answer-Trusted Computing Base (TCB)
A software model that mediates all access from any subject (user or other device)
to any object (resource, data, and so forth);
it cannot be bypassed.It mediates accesses to objects by subjects. In principle, it
should be:
Complete, to mediate every access
©COPYRIGHT 2025, ALL RIGHTS RESERVE 2
, Isolated from modification by other system entities (objects and processes)
Verifiable, doing only what it's programmed to do and not being susceptible to
circumvention by malicious acts or programmer error - Correct answer-reference
monitor
a.k.a. abstract machine
Implementation of a reference monitor for a specific hardware base, such as Sun
Solaris, Red Hat Linux, or Mac OS X. - Correct answer-security kernel
The TCB, reference monitor, and security kernel are essential for military- and
government-grade information technology (IT) security to prevent unauthorized
access or threats to the integrity of programs, operating systems, or data.
T or F
In "The ring of trust" Trust in a system moves from the outside to the inside in a
unidirectional mode. - Correct answer-True
©COPYRIGHT 2025, ALL RIGHTS RESERVE 3
