WGU C836 FUNDAMENTALS OF INFORMATION SECURITY FINAL EXAM QUESTIONS AND ANSWERS 2025–2026 | WGU C836 OA REAL EXAM LATEST

WGU C836 FUNDAMENTALS OF INFORMATION SECURITY
FINAL EXAM QUESTIONS AND ANSWERS 2025–2026 |
WGU C836 OA REAL EXAM LATEST


Sample Exam Questions


1. Which of the following is a primary goal of information security?
 A) Increase software functionality

 B) Triple data storage capacity

 C) Maintain data confidentiality
 D) Enhance system usability

CORRECT OPTION: C) Maintain data confidentiality
Rationale: The primary goals of information security generally focus on ensuring
confidentiality, integrity, and availability of data. Confidentiality involves protecting information
from unauthorized access.



2. What is the principle of least privilege?
 A) Users should have all privileges for usability

 B) Users are granted only the minimum level of access necessary

 C) Access is revoked after completion of tasks
 D) Privileges are determined by IT professionals only

CORRECT OPTION: B) Users are granted only the minimum level of access necessary
Rationale: The principle of least privilege is a security practice that restricts user access rights to
the bare minimum permissions they need to perform their job functions.



3. Which type of attack involves overwhelming a system with traffic to render it unusable?

, A) Phishing

 B) Denial of Service (DoS)

,  C) Man-in-the-Middle

 D) SQL Injection

CORRECT OPTION: B) Denial of Service (DoS)
Rationale: A Denial of Service attack aims to make a machine or network resource unavailable
by overwhelming it with a flood of illegitimate requests.


4. What is the purpose of encryption in data security?
 A) To protect data confidentiality during transmission

 B) To improve data integrity

 C) To enhance data accessibility

 D) To expedite data processing speed

CORRECT OPTION: A) To protect data confidentiality during transmission
Rationale: Encryption serves to protect the confidentiality of data by transforming it into a
format that is unreadable without the corresponding decryption key.



5. Which standard focuses on managing and protecting sensitive data?
 A) HIPAA

 B) PCI DSS
 C) NIST SP 800-53

 D) ISO 27001

CORRECT OPTION: B) PCI DSS
Rationale: The Payment Card Industry Data Security Standard (PCI DSS) is a set of security
standards designed to ensure that companies that accept, process, store, or transmit credit card
information maintain a secure environment.

, 6. Which of the following is a common method for preventing unauthorized access to a
network?
 A) Firewalls

 B) Intrusion Detection Systems (IDS)

 C) Access Control Lists (ACLs)
 D) Network Protocols

CORRECT OPTION: C) Access Control Lists (ACLs)
Rationale: ACLs help define who can access certain resources in a network, enforcing security
by allowing only authorized users or systems.



7. What does HTTPS stand for?
 A) Hypertext Transfer Protocol Standard

 B) Hypertext Transfer Protocol Secure

 C) Hypertext Transfer Privacy Standard

 D) Hypertext Transfer Protocol Secure Layer
CORRECT OPTION: B) Hypertext Transfer Protocol Secure
Rationale: HTTPS is the secure version of HTTP, which encrypts the data exchanged to protect
against interception.



8. A company experiences a data breach. Which of the following is the first action they
should take?
 A) Inform customers

 B) Contain the breach
 C) Identify the attack vector