SECURITY ACTUAL EXAM 2026 QUESTIONS
WITH ANSWERS GRADED A+
◉ Compliance. Answer: The requirements that are set forth by laws and
industry regulations.
E.g.: HIPAA/HITECH - healthcare, PCI DSS - payment card industry,
FISMA - federal government agencies
◉ DAD Triad. Answer: Disclosure, alteration, and denial
◉ CIA Triad. Answer: The core model of all information security
concepts. Confidentiality, integrity, and availability
◉ Confidentiality. Answer: Ability to protect our data from those who are
not authorized to view it.
◉ What ways can confidentiality be compromised? Answer:
- Lose a personal laptop with data
- A person can view the password you are entering
- Send an email attachment to the wrong person
- An attacker can penetrate your systems, etc.
◉ Integrity. Answer: Keeping data unaltered by accidental or malicious
intent
◉ How to maintain integrity? Answer: Prevent unauthorized changes to
the data and have the ability to reverse unwanted authorized changes,
via system/file permissions or by undoing/rolling back undesirable changes.
◉ Availability. Answer: The ability to access data when needed
◉ Ways Availability can be compromised. Answer: - Power loss
- Application issues
- Network attacks
- System compromised (DoS)
◉ Denial of Service (DoS). Answer: Security problem in which users
are not able to access an information system; can be caused by human
errors, natural disaster, or malicious activity.
◉ Parkerian hexad model. Answer: A model that adds three more
principles to the CIA triad:
- Possession/Control
- Utility
- Authenticity
◉ Possession/ control. Answer: Refers to the physical disposition of the
media on which the data is stored; This allows you to discuss loss of
data via its physical medium.
◉ Principle of Possession example. Answer: Lost package (encrypted
USBs and unencrypted USBs).
Possession is an issue because the tapes are physically lost.
(Unencrypted is compromised via confidentiality and possession;
encrypted is compromised only via possession.)
◉ Principle of Authenticity. Answer: Allows you to say whether you've
attributed the data in question to the proper owner/creator.
◉ Ways authenticity can be compromised. Answer: Sending an email
but altering the message so that it looks like it came from someone other
than the original sender.
◉ Utility. Answer: How useful the data is to you.
Ex. Unencrypted (a lot of utility) Encrypted (little utility).
◉ Security Attacks. Answer: Broken down by the type of attack, the risk
the attack represents, and the controls you might use to mitigate it.
◉ Types of attacks. Answer: 1- interception
2- interruption
3- modification
4- fabrication
◉ Interception. Answer: Attacks that allow unauthorized users to access our
data, applications, or environments.
Primarily an attack against confidentiality.
◉ Interception Attack Examples. Answer: Unauthorized file viewing,
copying, eavesdropping on phone conversations, reading someone's
emails.
◉ Interruption. Answer: Attacks that cause our assets to become unstable or
unavailable for our use, on a temporary or permanent basis.