Information Security Exam with Questions and Verified Answers Latest Updated 2025-2026 GRADED A+

Which cybersecurity term is defined as the potential for an attack on a resource?
A Impact
B Vulnerability
C Risk
D Threat
CORRECT ANSWER: D

Which security type deliberately exposes a system's vulnerabilities or resources to an attacker?
A Intrusion detection
B Firewalls
C Honeypots
D Intrusion prevention
CORRECT ANSWER: C

Which tool can be used to map devices on a network, along with their operating system types and versions?
A Packet sniffer
B Packet filter
C Port scanner
D Stateful firewall
CORRECT ANSWER: C

Which web attack is a server-side attack?
A Clickjacking
B Cross-site scripting
C SQL injection
D Cross-site request forgery
CORRECT ANSWER: C

An organization employs a VPN to safeguard its information.
Which security principle is protected by a VPN?
A Data in motion
B Data at rest
C Data in use
D Data in storage
CORRECT ANSWER: A

A malicious hacker was successful in a denial of service (DoS) attack against an institution's mail server. Fortunately, no data was lost or altered while the server was offline.
Which type of attack is this?
A Modification
B Fabrication
C Interception
D Interruption
CORRECT ANSWER: D

A company has had several successful denial of service (DoS) attacks on its email server.
Which security principle is being attacked?
A Possession
B Integrity
C Confidentiality
D Availability
CORRECT ANSWER: D

A new start-up company has started working on a social networking website. The company has moved all its source code to a cloud provider and wants to protect this source code from unauthorized access.
Which cyber defense concept should the start-up company use to maintain the confidentiality of its source code?
A Alarm systems
B Account permissions
C Antivirus software
D File encryption
CORRECT ANSWER: D

A company has an annual audit of installed software and data storage systems. During the audit, the auditor asks how the company's most critical data is used. This determination helps the auditor ensure that the proper defense mechanisms are in place to protect critical data.
Which principle of the Parkerian hexad is the auditor addressing?
A Possession
B Integrity
C Authenticity
D Utility
CORRECT ANSWER: D

Which web attack is possible due to a lack of input validation?
A Extraneous files
B Clickjacking
C SQL injection
D Cross-site request forgery
CORRECT ANSWER: C

Which file action implements the principle of confidentiality from the CIA triad?
A Compression
B Hash
C Backup
D Encryption
CORRECT ANSWER: D

Which cyber defense concept suggests limiting permissions to only what is necessary to perform a particular task?
A Authentication
B Authorization
C Defense in depth
D Principle of least privilege
CORRECT ANSWER: D

A company institutes a new policy that "All office computer monitors must face toward employees and must face away from doorways. The monitor screens must not be visible to people visiting the office."
Which principle of the CIA triad is this company applying?
A Availability
B Confidentiality
C Utility
D Integrity
CORRECT ANSWER: B

At a small company, an employee makes an unauthorized data alteration.
Which component of the CIA triad has been compromised?
A Confidentiality
B Authenticity
C Integrity
D Availability
CORRECT ANSWER: C

An organization plans to encrypt data in transit on a network.
Which aspect of data is the organization attempting to protect?
A Integrity
B Possession
C Availability
D Authenticity
CORRECT ANSWER: A

Which aspect of the CIA triad is violated by an unauthorized database rollback or undo?
A Availability
B Identification
C Integrity
D Confidentiality
CORRECT ANSWER: C

A company's website has suffered several denial of service (DoS) attacks and wishes to thwart future attacks.
Which security principle is the company addressing?
A Availability
B Authenticity
C Confidentiality
D Possession
CORRECT ANSWER: A

An organization has a requirement that all database servers and file servers be configured to maintain operations in the presence of a failure.
Which principle of the CIA triad is this requirement implementing?
A Utility
B Integrity
C Availability
D Confidentiality
CORRECT ANSWER: C

A company's IT policy manual states that "All company computers, workstations, application servers, and mobile devices must have current versions of antivirus software."
Which principle or concept of cybersecurity does this policy statement impact?
A Accounting policy
B Operating system security
C Access control policy
D Physical security
CORRECT ANSWER: B