WGU D430 / C836 Fundamentals of Information Security-
Lesson ONE Practice Study Guide Questions with A level
solution version 2025/2026
Detect the occurrence of an issue and decide whether or not it is actually an incident so
that we can respond to it appropriately. - correct answer Detection and analysis
Involves taking steps to ensure that the situation does not cause any more damage than
it already has, or to at least lessen any ongoing harm - correct answer Containment
Often referred to as a postmortem (latin for after death), we attempt to determine
specifically what happened, why it happened, and what we can do to keep it from
happening again. - correct answer Post incident activity
Protects information and information systems from unauthorized access, use,
disclosure, disruption, modification, or destruction - correct answer Information
Security
Companies that process credit card payments must comply with this set of standards -
correct answer Payment Card Industry Data Security Standard (PCI DSS)
Used to keep something private or minimally known - correct answer Confidentiality
Refers to the ability to prevent our data from being changed in an unauthorized or
undesirable manner. - correct answer Integrity
Refers to the ability to access our data when we need it - correct answer Availability
A type of attack, primarily against confidentiality - correct answer Interception
Something that has the potential to cause harm to our assets - correct answer Threat
, A weakness that can be used to harm us - correct answer Vulnerability
The likelihood that something bad will happen - correct answer Risk
An attack that involves tampering with our assets - correct answer Modification attack
A model that adds three more principles to the CIA triad: possession or control, utility,
and authenticity - correct answer Parkerian hexad
The physical disposition of the media on which the data is stored - correct answer
Possession or control
Allows for attribution as to the owner or creator of the data in question - correct answer
Authenticity
Refers to how useful the data is to us - correct answer Utility
An attack that involves generating data, processes, communications, or other similar
activities with a system - correct answer Fabrication attack
One of the first and most important steps of the risk management process - correct
answer Identify assets
A multilayered defense that will allow us to achieve a successful defense should one or
more of our defensive measures fail - correct answer Defense in depth
Based on rules, laws, policies, procedures, guidelines, and other items that are "paper"
in nature - correct answer Administrative controls
Lesson ONE Practice Study Guide Questions with A level
solution version 2025/2026
Detect the occurrence of an issue and decide whether or not it is actually an incident so
that we can respond to it appropriately. - correct answer Detection and analysis
Involves taking steps to ensure that the situation does not cause any more damage than
it already has, or to at least lessen any ongoing harm - correct answer Containment
Often referred to as a postmortem (latin for after death), we attempt to determine
specifically what happened, why it happened, and what we can do to keep it from
happening again. - correct answer Post incident activity
Protects information and information systems from unauthorized access, use,
disclosure, disruption, modification, or destruction - correct answer Information
Security
Companies that process credit card payments must comply with this set of standards -
correct answer Payment Card Industry Data Security Standard (PCI DSS)
Used to keep something private or minimally known - correct answer Confidentiality
Refers to the ability to prevent our data from being changed in an unauthorized or
undesirable manner. - correct answer Integrity
Refers to the ability to access our data when we need it - correct answer Availability
A type of attack, primarily against confidentiality - correct answer Interception
Something that has the potential to cause harm to our assets - correct answer Threat
, A weakness that can be used to harm us - correct answer Vulnerability
The likelihood that something bad will happen - correct answer Risk
An attack that involves tampering with our assets - correct answer Modification attack
A model that adds three more principles to the CIA triad: possession or control, utility,
and authenticity - correct answer Parkerian hexad
The physical disposition of the media on which the data is stored - correct answer
Possession or control
Allows for attribution as to the owner or creator of the data in question - correct answer
Authenticity
Refers to how useful the data is to us - correct answer Utility
An attack that involves generating data, processes, communications, or other similar
activities with a system - correct answer Fabrication attack
One of the first and most important steps of the risk management process - correct
answer Identify assets
A multilayered defense that will allow us to achieve a successful defense should one or
more of our defensive measures fail - correct answer Defense in depth
Based on rules, laws, policies, procedures, guidelines, and other items that are "paper"
in nature - correct answer Administrative controls
