WGU D430 / C836 Fundamentals of Information Security-
(Unit 1) Practice test exam Questions with complete
solutions verified by experts 2025/2026
Which of the following best describes a "zero trust" architecture? - correct answer B)
Never trusting any user or device by default
RATIONALE: Zero trust architecture assumes that threats could be internal or external
and requires verification for every access request
What is the primary goal of conducting a penetration test? - correct answer C) To
identify vulnerabilities by simulating real-world attacks
RATIONALE: The primary goal of a penetration test is to identify vulnerabilities by
simulating attacks, helping organizations strengthen their security posture.
You notice suspicious activity on a user's account, indicating a possible compromise.
What is your immediate response? - correct answer C) Investigate the activity to
assess the risk
RATIONALE: Investigating suspicious activity allows you to assess the risk and
determine the best course of action to mitigate any potential threats.
What is the most significant risk associated with using public Wi-Fi for accessing
sensitive company data? - correct answer C) Potential data interception by attackers
RATIONALE: Public Wi-Fi networks are susceptible to data interception by attackers,
posing a significant risk to sensitive information
Which of the following methods is the most effective for ensuring data integrity? -
correct answer C) Checksums and hashes
, RATIONALE: Checksums and hashes are effective methods for verifying data integrity,
ensuring that data has not been altered or corrupted.
What is the primary objective of a data breach response plan? - correct answer B) To
outline steps to take in the event of a data breach
RATIONALE: A data breach response plan outlines the necessary steps to mitigate the
impact and recover from a data breach effectively.
Which of the following best describes a "honey pot" in cybersecurity? - correct answer
C) A decoy system used to attract and analyze attacks
RATIONALE: A honey pot is a decoy system set up to attract attackers and analyze
their methods to improve security.
Interception - correct answer A type of attack, against confidentiality
Interruption attack - correct answer An attack that causes our assets to become
unusable or unavailable for our use, on a temporary or permanent basis
Risk - correct answer The likelihood that something bad will happen
Vulnerability - correct answer A weakness that can be used to harm us
Threat - correct answer Some thing that has the potential to cause harm to our assets
Interception - correct answer A type of attack, primarily against confidentiality
Availability - correct answer Refers to the ability to access our data when we need it
Integrity - correct answer Refers to the ability to prevent our data from being changed
in an unauthorized around desirable manner
(Unit 1) Practice test exam Questions with complete
solutions verified by experts 2025/2026
Which of the following best describes a "zero trust" architecture? - correct answer B)
Never trusting any user or device by default
RATIONALE: Zero trust architecture assumes that threats could be internal or external
and requires verification for every access request
What is the primary goal of conducting a penetration test? - correct answer C) To
identify vulnerabilities by simulating real-world attacks
RATIONALE: The primary goal of a penetration test is to identify vulnerabilities by
simulating attacks, helping organizations strengthen their security posture.
You notice suspicious activity on a user's account, indicating a possible compromise.
What is your immediate response? - correct answer C) Investigate the activity to
assess the risk
RATIONALE: Investigating suspicious activity allows you to assess the risk and
determine the best course of action to mitigate any potential threats.
What is the most significant risk associated with using public Wi-Fi for accessing
sensitive company data? - correct answer C) Potential data interception by attackers
RATIONALE: Public Wi-Fi networks are susceptible to data interception by attackers,
posing a significant risk to sensitive information
Which of the following methods is the most effective for ensuring data integrity? -
correct answer C) Checksums and hashes
, RATIONALE: Checksums and hashes are effective methods for verifying data integrity,
ensuring that data has not been altered or corrupted.
What is the primary objective of a data breach response plan? - correct answer B) To
outline steps to take in the event of a data breach
RATIONALE: A data breach response plan outlines the necessary steps to mitigate the
impact and recover from a data breach effectively.
Which of the following best describes a "honey pot" in cybersecurity? - correct answer
C) A decoy system used to attract and analyze attacks
RATIONALE: A honey pot is a decoy system set up to attract attackers and analyze
their methods to improve security.
Interception - correct answer A type of attack, against confidentiality
Interruption attack - correct answer An attack that causes our assets to become
unusable or unavailable for our use, on a temporary or permanent basis
Risk - correct answer The likelihood that something bad will happen
Vulnerability - correct answer A weakness that can be used to harm us
Threat - correct answer Some thing that has the potential to cause harm to our assets
Interception - correct answer A type of attack, primarily against confidentiality
Availability - correct answer Refers to the ability to access our data when we need it
Integrity - correct answer Refers to the ability to prevent our data from being changed
in an unauthorized around desirable manner
