Solved Questions with 100% Verified Solutions | Updated Complete Exam Pack
The WGU C836 Pre-Assessment (2025–2026 Edition) provides a comprehensive and
updated set of solved questions and verified solutions covering the core domains of Information
Security Fundamentals. Designed in alignment with WGU’s competency-based model, this
resource strengthens your understanding of risk management, network protection,
cryptography, access control, incident response, and security policies—ensuring you’re fully
prepared for both the pre-assessment and the final performance evaluation.
Introduction
This verified 2025–2026 edition compiles 35+ pre-assessment-style questions with precise,
instructor-validated explanations. Each solution highlights key cybersecurity principles,
regulatory frameworks, and best practices that reflect current NIST and ISO/IEC standards.
Ideal for learners seeking structured exam preparation, it ensures conceptual clarity, application
proficiency, and A+-level exam readiness. Key topics include:
• Cybersecurity frameworks and compliance (NIST, ISO/IEC 27001)
• Risk assessment and mitigation strategies
• Cryptographic techniques and protocols
• Access control models and authentication
• Network security and threat detection
• Incident response and business continuity planning
Answer Format
Every correct answer is indicated in bold green text, accompanied by concise rationales that
explain the correct response, reinforce key definitions, and connect theory to real-world security
operations. The format supports focused review and efficient mastery of all learning objectives
for the C836 Pre-Assessment.
Questions 1–35+
1. What is the primary goal of information security?
a) Maximize system performance
b) Protect the confidentiality, integrity, and availability of data
c) Ensure software compatibility
d) Reduce hardware costs
b) Protect the confidentiality, integrity, and availability of data
Rationale: The CIA triad (Confidentiality, Integrity, Availability) is the cornerstone of
information security, ensuring data is protected from unauthorized access, tampering, and
disruption.
2. Which of the following is a key component of a risk assessment?
a) Installing antivirus software
b) Identifying threats and vulnerabilities
c) Encrypting all network traffic
d) Updating system firmware
b) Identifying threats and vulnerabilities
Rationale: A risk assessment involves identifying potential threats and vulnerabilities,
evaluating their impact, and determining the likelihood of occurrence to prioritize mitigation
strategies.
3. What is the purpose of a firewall in a network?
a) Encrypts data transmissions
b) Filters network traffic based on predefined rules
c) Authenticates user identities
d) Stores backup data
b) Filters network traffic based on predefined rules
Rationale: A firewall monitors and controls incoming and outgoing network traffic based on
security rules, preventing unauthorized access and threats.
4. Which cryptographic technique uses the same key for both encryption
and decryption?
a) Asymmetric encryption
b) Symmetric encryption
c) Hashing
d) Digital signatures
b) Symmetric encryption
Rationale: Symmetric encryption uses a single key for both encryption and decryption, offering
efficiency but requiring secure key distribution (e.g., AES).
5. What is the primary purpose of multi-factor authentication (MFA)?
a) Reduce system latency
b) Enhance user convenience
c) Verify identity using multiple credentials
d) Encrypt stored data
c) Verify identity using multiple credentials
Rationale: MFA enhances security by requiring two or more independent credentials (e.g.,
password, token, biometrics) to verify a user’s identity.
6. Which of the following is an example of a social engineering attack?
a) SQL injection
b) Phishing
c) Brute force attack
d) Man-in-the-middle attack