QUESTIONS WITH COMPLETE SOLUTIONS AND RATIONALES
Question 1
What does AAA stand for in access control?
A. Authentication, Authorization, Auditing
B. Authorization, Authentication, Accounting
C. Authentication, Authorization, Accounting ✅
D. Access, Authorization, Accountability
Rationale:
AAA refers to the three core access-control functions: verifying identity (authentication),
granting permissions (authorization), and tracking activity (accounting).
Question 2
Which principle of the AIC triad ensures data is accessible when needed?
A. Integrity
B. Confidentiality
C. Authentication
D. Availability ✅
Rationale:
Availability focuses on ensuring systems and data are accessible to authorized users when
required.
Question 3
Which authentication error occurs when an unauthorized user is granted access?
A. False rejection rate (FRR)
B. Type I error
C. False acceptance rate (FAR) ✅
D. Single-factor failure
Rationale:
FAR (Type II error) occurs when the system incorrectly identifies an unknown user as legitimate.
Question 4
Which access control model assigns permissions based on job roles?
A. Rule-based access control
B. Mandatory access control
C. Role-based access control (RBAC) ✅
D. Discretionary access control
Rationale:
RBAC groups users by role and assigns permissions accordingly, simplifying management.
Question 5
What is the primary purpose of a penetration test?
A. Certify system compliance
B. Monitor live traffic
C. Identify vulnerabilities by simulating attacks ✅
D. Replace vulnerability scanning
Rationale:
Penetration testing is an authorized attempt to exploit weaknesses to identify security gaps.
1. What does AAA stand for in access control?
A. Access, Authorization, Auditing
B. Authentication, Authorization, Auditing
C. Authentication, Authorization, Accounting ✅
D. Access, Accountability, Authorization
Rationale: AAA defines how users are verified, permitted, and monitored.
2. What is an algorithm?
A. A password
B. A firewall rule
C. A mathematical function used for encryption or decryption ✅
D. A security policy
Rationale: Cryptographic algorithms mathematically protect data.
3. What is authentication?
A. Assigning permissions
B. Logging activity
C. Verifying a user’s identity ✅
D. Encrypting data
Rationale: Authentication proves who the user is.
4. Authorization refers to:
A. Verifying identity
B. Defining what resources a user can access ✅
C. Logging user activity
D. Encrypting communications
Rationale: Authorization follows authentication.
5. Which AIC principle ensures systems are usable when needed?
A. Confidentiality
B. Integrity
C. Availability ✅
D. Authentication
Rationale: Availability ensures uptime and access.
6. Confidentiality focuses on: