WGU D430 / C836 Fundamentals of Information Security –
Complete Concept Breakdown & Revision Q & A | 2026
Which type of attack category is an attack against confidentiality?
Interception.
Modification.
Fabrication.
Interruption. - correct answer Interception.
Which two attributes are included in the concept of risk? Choose two answers.
Threats
Frequency
Vulnerabilities
Impacts - correct answer Threats
Vulnerabilities
Which phase of the incident response (IR) process includes putting the system back
better than the original state?
Post-incident activity.
Containment.
Recovery.
Detection and Analysis - correct answer Recovery.
Which concept refers to adding layers of security to our networks?
Administrative control depth.
Defense in depth.
Physical control depth.
Logical control depth. - correct answer Defense in depth.
Which combination of factors demonstrates multi-factor authentication?
Fingerprint and voice print
Password and Pin
Password and fingerprint
Voice print and weight - correct answer Password and fingerprint
What is the name of the process where the client authenticates the server and the
server authenticates the client?
,Token-based authentication
Mutual authentication
Two-factor authentication
Multifactor authentication - correct answer Mutual authentication
What is an example of identification?
Text to cell phone
Employee Number
Update Access
Fingerprint - correct answer Employee Number
What is an example of authentication?
Username
First Car
Read Only
Pin - correct answer Pin
Which factors demonstrate multi-factor authentication?
Vein patterns and iris scan
Username and email address
Childhood pet and Mother's maiden name
Mother's maiden name and voice print - correct answer Mother's maiden name and
voice print
What is an objective for performing an audit?
To ensure a company can respond effectively to a disaster.
To ensure compliance and detect misuse.
To ensure potential risks are identified and analyzed.
To ensure proper access is granted to resources. - correct answer To ensure
compliance and detect misuse.
What are two common values for a network access control list (ACL)? Choose two
answers.
Accept
Agree
Disagree
Deny
,Allow - correct answer Deny
Allow
What are two common types of access control lists (ACLs)? Choose two answers.
File system
Allow
Network
Deny
Database system - correct answer File system
Network
Which access control model allows access to be determined by the owner of the
resource?
Mandatory access control (MAC)
Attribute-based access control (ABAC)
Role-based access control (RBAC)
Discretionary access control (DAC) - correct answer Discretionary access control
(DAC)
Which form of access control uses CAPTCHAs?
Attribute-based access control (ABAC)
Rule-based access control (RBAC)
Media access control (MAC)
Discretionary Access Control (DAC) - correct answer Attribute-based access control
(ABAC)
Which characteristic falls under accountability?
Interruption
Integrity
Utility
Identity - correct answer Identity
Which tool is used for vulnerability assessment?
Snort
Wireshark
Nessus
Superscan - correct answer Nessus
, Which standards apply to any financial entity policies?
SOX
Gramm-Leech-Bliley
PCI DSS
ECPI - correct answer Gramm-Leech-Bliley
What company audits other companies for licensing requirements?
RCA
CIA
BASF
BSA - correct answer BSA
Which term is synonymous with symmetric cryptography?
Private-public key pair
Rivest-Shamir-Adleman encryption algorithm
Secret key cryptography
Public key cryptography - correct answer Secret key cryptography
Which term is synonymous with asymmetric cryptography?
Private key cryptography
Private-Public key pair
Public key cryptography
Secret key encryption algorithm - correct answer Public key cryptography
What are hash functions used for?
Decrypting messages
Securing messages in transport
Determining whether the message has changed
Discovering original content - correct answer Determining whether the message has
changed
Which method is used to protect data at rest?
Encryption
Back up to the cloud
Back up to a disk
Hashing - correct answer Encryption
Complete Concept Breakdown & Revision Q & A | 2026
Which type of attack category is an attack against confidentiality?
Interception.
Modification.
Fabrication.
Interruption. - correct answer Interception.
Which two attributes are included in the concept of risk? Choose two answers.
Threats
Frequency
Vulnerabilities
Impacts - correct answer Threats
Vulnerabilities
Which phase of the incident response (IR) process includes putting the system back
better than the original state?
Post-incident activity.
Containment.
Recovery.
Detection and Analysis - correct answer Recovery.
Which concept refers to adding layers of security to our networks?
Administrative control depth.
Defense in depth.
Physical control depth.
Logical control depth. - correct answer Defense in depth.
Which combination of factors demonstrates multi-factor authentication?
Fingerprint and voice print
Password and Pin
Password and fingerprint
Voice print and weight - correct answer Password and fingerprint
What is the name of the process where the client authenticates the server and the
server authenticates the client?
,Token-based authentication
Mutual authentication
Two-factor authentication
Multifactor authentication - correct answer Mutual authentication
What is an example of identification?
Text to cell phone
Employee Number
Update Access
Fingerprint - correct answer Employee Number
What is an example of authentication?
Username
First Car
Read Only
Pin - correct answer Pin
Which factors demonstrate multi-factor authentication?
Vein patterns and iris scan
Username and email address
Childhood pet and Mother's maiden name
Mother's maiden name and voice print - correct answer Mother's maiden name and
voice print
What is an objective for performing an audit?
To ensure a company can respond effectively to a disaster.
To ensure compliance and detect misuse.
To ensure potential risks are identified and analyzed.
To ensure proper access is granted to resources. - correct answer To ensure
compliance and detect misuse.
What are two common values for a network access control list (ACL)? Choose two
answers.
Accept
Agree
Disagree
Deny
,Allow - correct answer Deny
Allow
What are two common types of access control lists (ACLs)? Choose two answers.
File system
Allow
Network
Deny
Database system - correct answer File system
Network
Which access control model allows access to be determined by the owner of the
resource?
Mandatory access control (MAC)
Attribute-based access control (ABAC)
Role-based access control (RBAC)
Discretionary access control (DAC) - correct answer Discretionary access control
(DAC)
Which form of access control uses CAPTCHAs?
Attribute-based access control (ABAC)
Rule-based access control (RBAC)
Media access control (MAC)
Discretionary Access Control (DAC) - correct answer Attribute-based access control
(ABAC)
Which characteristic falls under accountability?
Interruption
Integrity
Utility
Identity - correct answer Identity
Which tool is used for vulnerability assessment?
Snort
Wireshark
Nessus
Superscan - correct answer Nessus
, Which standards apply to any financial entity policies?
SOX
Gramm-Leech-Bliley
PCI DSS
ECPI - correct answer Gramm-Leech-Bliley
What company audits other companies for licensing requirements?
RCA
CIA
BASF
BSA - correct answer BSA
Which term is synonymous with symmetric cryptography?
Private-public key pair
Rivest-Shamir-Adleman encryption algorithm
Secret key cryptography
Public key cryptography - correct answer Secret key cryptography
Which term is synonymous with asymmetric cryptography?
Private key cryptography
Private-Public key pair
Public key cryptography
Secret key encryption algorithm - correct answer Public key cryptography
What are hash functions used for?
Decrypting messages
Securing messages in transport
Determining whether the message has changed
Discovering original content - correct answer Determining whether the message has
changed
Which method is used to protect data at rest?
Encryption
Back up to the cloud
Back up to a disk
Hashing - correct answer Encryption
