WGU C836 /D430 – CIA Triad, Risk & Cryptography Question
and answers Review Guide | Complete Study Summary
2025/2026
Which attack category targets the confidentiality of data? - correct answer Interception
What is an example of symmetric key encryption? - correct answer AES
Which asymmetric cryptographic algorithm can provide confidentiality for data in
motion? - correct answer RSA
A company has just completed an audit of disaster protection strategies. The company
has decided it must keep and be able to retrieve backup data for a period of 30 years.
The company has implemented tape backups using 8mm digital audio tapes. Which
factor could impact the company's ability to access information from the backup tapes? -
correct answer technology obsolescence
A military installation is evaluating backup solutions for its critical data. This installation
operates in a harsh environment that is subjected to heat, humidity, and magnetic fields.
Which physical media should be selected to ensure the integrity of backups is
preserved given these harsh operating conditions? - correct answer Flash
A university research group wants to collect data on animals that are native to southern
Arizona, which is a hot, dry region. They plan to camp in tents for the summer at the
edge of a national park and to use optical media to backup photos and research notes.
Which physical or environmental factor may damage their optical media? - correct
answer Temperature
While visiting a country in the European Union, an American purchases an expensive
bottle of perfume with a credit card. What does the European Union Directive 95/46/EC
regulation safeguard for the purchaser? - correct answer Personally identifiable
information
, Which U.S. law defines security standards exclusively for federal agencies? - correct
answer FISMA
Which U.S. law regulates the confidentiality and accuracy of a publicly traded
corporation's financial reports? - correct answer SOX
At a small company, an employee makes an unauthorized data alteration. Which
component of the CIA triad has been compromised? - correct answer Integrity
An organization plans to encrypt data in transit on a network. Which aspect of data is
the organization attempting to protect? - correct answer Integrity
Which aspect of the CIA triad is violated by an unauthorized database roll back or
undo? - correct answer Integrity
A company's website has suffered several denial of service (DoS) attacks and wishes to
thwart future attacks. Which security principle is the company addressing? - correct
answer Availability
An organization has a requirement that all database servers and file servers be
configured to maintain operations in the presence of a failure. Which principle of the CIA
triad is this requirement implementing? - correct answer Availability
Which tool can be used to map devices on a network, along with their operating system
types and versions? - correct answer Port scanner
Which web attack is a server-side attack? - correct answer SQL injection
A new start-up company has started working on a social networking website. The
company has moved all its source code to a cloud provider and wants to protect this
source code from unauthorized access. Which cyber defense concept should the start-
up company use to maintain the confidentiality of its source code? - correct answer
File encryption
and answers Review Guide | Complete Study Summary
2025/2026
Which attack category targets the confidentiality of data? - correct answer Interception
What is an example of symmetric key encryption? - correct answer AES
Which asymmetric cryptographic algorithm can provide confidentiality for data in
motion? - correct answer RSA
A company has just completed an audit of disaster protection strategies. The company
has decided it must keep and be able to retrieve backup data for a period of 30 years.
The company has implemented tape backups using 8mm digital audio tapes. Which
factor could impact the company's ability to access information from the backup tapes? -
correct answer technology obsolescence
A military installation is evaluating backup solutions for its critical data. This installation
operates in a harsh environment that is subjected to heat, humidity, and magnetic fields.
Which physical media should be selected to ensure the integrity of backups is
preserved given these harsh operating conditions? - correct answer Flash
A university research group wants to collect data on animals that are native to southern
Arizona, which is a hot, dry region. They plan to camp in tents for the summer at the
edge of a national park and to use optical media to backup photos and research notes.
Which physical or environmental factor may damage their optical media? - correct
answer Temperature
While visiting a country in the European Union, an American purchases an expensive
bottle of perfume with a credit card. What does the European Union Directive 95/46/EC
regulation safeguard for the purchaser? - correct answer Personally identifiable
information
, Which U.S. law defines security standards exclusively for federal agencies? - correct
answer FISMA
Which U.S. law regulates the confidentiality and accuracy of a publicly traded
corporation's financial reports? - correct answer SOX
At a small company, an employee makes an unauthorized data alteration. Which
component of the CIA triad has been compromised? - correct answer Integrity
An organization plans to encrypt data in transit on a network. Which aspect of data is
the organization attempting to protect? - correct answer Integrity
Which aspect of the CIA triad is violated by an unauthorized database roll back or
undo? - correct answer Integrity
A company's website has suffered several denial of service (DoS) attacks and wishes to
thwart future attacks. Which security principle is the company addressing? - correct
answer Availability
An organization has a requirement that all database servers and file servers be
configured to maintain operations in the presence of a failure. Which principle of the CIA
triad is this requirement implementing? - correct answer Availability
Which tool can be used to map devices on a network, along with their operating system
types and versions? - correct answer Port scanner
Which web attack is a server-side attack? - correct answer SQL injection
A new start-up company has started working on a social networking website. The
company has moved all its source code to a cloud provider and wants to protect this
source code from unauthorized access. Which cyber defense concept should the start-
up company use to maintain the confidentiality of its source code? - correct answer
File encryption
