WGU C836 Actual Exam Questions
with Verified Answers Already
Graded A+
1. CIA Triad - ANSWER Confidentiality, Integrity, Availability
2. Parkerian hexad - ANSWER Where the CIA triad consists of
confidentiality, integrity, and availability, the Parkerian hexad consists of
these three principles, as well as possession or control, authenticity, and
utility
3. Confidentiality - ANSWER Refers to our ability to protect our data from
those who are not authorized to view it.
Confidentiality can be compromised by the loss of a laptop containing data, a
person looking over our shoulder while we type a password, an e-mail
attachment being sent to the wrong person, an attacker penetrating our systems,
or similar issues.
4. Integrity - ANSWER Refers to the ability to prevent our data from being
changed in an unauthorized or undesirable manner. This could mean the
unauthorized change or deletion of our data or portions of our data, or it
could mean an authorized, but undesirable, change or deletion of our data.
To maintain integrity, we not only need to have the means to prevent
unauthorized changes to our data but also need the ability to reverse
authorized changes that need to be undone.
,5. Availability - ANSWER refers to the ability to access our data when we
need it. Loss of availability can refer to a wide variety of breaks anywhere in
the chain that allows us access to our data. Such issues can result from
power loss, operating system or application problems, network attacks,
compromise of a system, or other problems. When such issues are caused by
an outside party, such as an attacker, they are commonly referred to as a
denial of service (DoS) attack.
6. Possession or Control - ANSWER Refers to the physical disposition of the
media on which the data is stored. This enables us, without involving other
factors such as availability, to discuss our loss of the data in its physical
medium
An example is data store be on multiple devices and there could be numerous
versions.
7. Host Intrusion Detection System (HIDS) - ANSWER A software-based
application that runs on a local host computer that can detect an attack as it
occurs.
Anti-threat applications such as firewalls, antivirus software and spyware-
detection programs are installed on every network computer that has two-way
access to the outside environment such as the Internet
8. At a small company, an employee makes an unauthorized data alteration.
Which component of the CIA triad has been compromised? - ANSWER
Integrity
9. An organization plans to encrypt data in transit on a network. Which aspect
of data is the organization attempting to protect? - ANSWER Integrity
, 10.Which aspect of the CIA triad is violated by an unauthorized database roll
back or undo? - ANSWER Integrity
11.A company's website has suffered several denial of service (DoS) attacks
and wishes to thwart future attacks. Which security principle is the company
addressing? - ANSWER Availability
12.An organization has a requirement that all database servers and file servers
be configured to maintain operations in the presence of a failure. Which
principle of the CIA triad is this requirement implementing? - ANSWER
Availability
13.Which tool can be used to map devices on a network, along with their
operating system types and versions? - ANSWER Port scanner
14.Which web attack is a server-side attack? - ANSWER SQL injection
15.A new start-up company has started working on a social networking website.
The company has moved all its source code to a cloud provider and wants to
protect this source code from unauthorized access. Which cyber defense
concept should the start-up company use to maintain the confidentiality of
its source code? - ANSWER File encryption
16.A company has an annual audit of installed software and data storage
systems. During the audit, the auditor asks how the company's most critical
data is used. This determination helps the auditor ensure that the proper
defense mechanisms are in place to protect critical data. Which principle of
the Parkerian hexad is the auditor addressing? - ANSWER Utility
with Verified Answers Already
Graded A+
1. CIA Triad - ANSWER Confidentiality, Integrity, Availability
2. Parkerian hexad - ANSWER Where the CIA triad consists of
confidentiality, integrity, and availability, the Parkerian hexad consists of
these three principles, as well as possession or control, authenticity, and
utility
3. Confidentiality - ANSWER Refers to our ability to protect our data from
those who are not authorized to view it.
Confidentiality can be compromised by the loss of a laptop containing data, a
person looking over our shoulder while we type a password, an e-mail
attachment being sent to the wrong person, an attacker penetrating our systems,
or similar issues.
4. Integrity - ANSWER Refers to the ability to prevent our data from being
changed in an unauthorized or undesirable manner. This could mean the
unauthorized change or deletion of our data or portions of our data, or it
could mean an authorized, but undesirable, change or deletion of our data.
To maintain integrity, we not only need to have the means to prevent
unauthorized changes to our data but also need the ability to reverse
authorized changes that need to be undone.
,5. Availability - ANSWER refers to the ability to access our data when we
need it. Loss of availability can refer to a wide variety of breaks anywhere in
the chain that allows us access to our data. Such issues can result from
power loss, operating system or application problems, network attacks,
compromise of a system, or other problems. When such issues are caused by
an outside party, such as an attacker, they are commonly referred to as a
denial of service (DoS) attack.
6. Possession or Control - ANSWER Refers to the physical disposition of the
media on which the data is stored. This enables us, without involving other
factors such as availability, to discuss our loss of the data in its physical
medium
An example is data store be on multiple devices and there could be numerous
versions.
7. Host Intrusion Detection System (HIDS) - ANSWER A software-based
application that runs on a local host computer that can detect an attack as it
occurs.
Anti-threat applications such as firewalls, antivirus software and spyware-
detection programs are installed on every network computer that has two-way
access to the outside environment such as the Internet
8. At a small company, an employee makes an unauthorized data alteration.
Which component of the CIA triad has been compromised? - ANSWER
Integrity
9. An organization plans to encrypt data in transit on a network. Which aspect
of data is the organization attempting to protect? - ANSWER Integrity
, 10.Which aspect of the CIA triad is violated by an unauthorized database roll
back or undo? - ANSWER Integrity
11.A company's website has suffered several denial of service (DoS) attacks
and wishes to thwart future attacks. Which security principle is the company
addressing? - ANSWER Availability
12.An organization has a requirement that all database servers and file servers
be configured to maintain operations in the presence of a failure. Which
principle of the CIA triad is this requirement implementing? - ANSWER
Availability
13.Which tool can be used to map devices on a network, along with their
operating system types and versions? - ANSWER Port scanner
14.Which web attack is a server-side attack? - ANSWER SQL injection
15.A new start-up company has started working on a social networking website.
The company has moved all its source code to a cloud provider and wants to
protect this source code from unauthorized access. Which cyber defense
concept should the start-up company use to maintain the confidentiality of
its source code? - ANSWER File encryption
16.A company has an annual audit of installed software and data storage
systems. During the audit, the auditor asks how the company's most critical
data is used. This determination helps the auditor ensure that the proper
defense mechanisms are in place to protect critical data. Which principle of
the Parkerian hexad is the auditor addressing? - ANSWER Utility
