Answers
Port scanner - Correct answer Which tool can be used to map devices on a
network, along with their operating system types and versions?
SQL Injection - Correct answer Which web attack is a server-side attack?
Availability - Correct answer A company has had several successful denial of
service (DoS) attacks on its email server.
Which security principle is being attacked?
SQL Injection - Correct answer Which web attack is possible due to a lack of
input validation?
Encryption - Correct answer Which file action implements the principle of
confidentiality from the CIA triad?
Integrity - Correct answer An organization plans to encrypt data in transit on
a network.
Which aspect of data is the organization attempting to protect?
Integrity - Correct answer Which aspect of the CIA triad is violated by an
unauthorized database rollback or undo?
Availability - Correct answer A company's website has suffered several
denial of service (DoS) attacks and wishes to thwart future attacks.
Which security principle is the company addressing?
Availability - Correct answer An organization has a requirement that all
database servers and file servers be configured to maintain operations in the
presence of a failure.
Which principle of the CIA triad is this requirement implementing?
Operations - Correct answer A company's website policy states that "To gain
access to the corporate website, each employee must provide a valid user name
and password, and then answer one of six security questions accurately."
Which type of security does the policy address?
Attribute-based - Correct answer A company wants to update its access
control policy. The company wants to prevent hourly employees from logging in
to company computers after business hours.
Which type of access control policy should be implemented?
Relocate the algorithm to encrypted storage. - Correct answer A new
software development company has determined that one of its proprietary
algorithms is at a high risk for unauthorized disclosure. The company's security
up to this point has been fairly lax.
Which procedure should the company implement to protect this asset?
Restrict account permissions. - Correct answer How can an operating system
be hardened in accordance with the principle of least privilege?