WGU C836 FUNDAMENTALS OF
INFORMATION SECURITY STUDY SCRIPT
2026 COMPLETE QUESTIONS AND
CORRECT ANSWERS
◉anti-malware tool. Answer: A type of tool that uses signature
matching or anomaly detection (heuristics) to detect malware
threats, either in real-time or by performing scans of files and
processes
◉heuristics. Answer: the process of anomaly detection used by anti-
malware tools to detect malware without signatures
◉executable space protection. Answer: A hardware and software-
based technology that prevents certain portions of the memory used
by the operating system and applications from being used to execute
code
◉buffer overflow (overrun). Answer: The act of inputting more data
than an application is expecting from a particular input, creating the
possibility of executing commands by specifically crafting the excess
data
,◉ASLR (Address Space Layout Randomization). Answer: a security
method that involves shifting the contents of memory around to
make tampering difficult
◉software firewall. Answer: This type of firewall generally contains
a subset of the features on a large firewall appliance but is often
capable of similar packet filtering and stateful packet inspection
activities
◉HIDS (host-based intrusion detection system). Answer: a system
used to analyze the activities on or directed at the network interface
of a particular host.
* may communicate with management device by sending regular
beacons
◉scanner. Answer: a type of tool that can detect various security
flaws when examining hosts
◉vulnerability assessment tool. Answer: A tool that is aimed
specifically at the task of finding and reporting network services on
hosts that have known vulnerabilities
◉Nessus. Answer: A well-known vulnerability assessment tool that
includes a port scanner
,◉exploit framework. Answer: A group of tools that can include
network mapping tools, sniffers, and exploits
◉exploits. Answer: small bits of software that take advantage of
flaws in software/applications in order to cause them to behave in
ways that were not intended by their creators
◉Metasploit, Immunity CANVAS, Core Impact. Answer: Name 3
examples of exploit frameworks
◉security in network design. Answer: This method of security
involves a well-configured and patched network, and incorporating
elements such as network segmentation, choke points, and
redundancy
◉network segmentation. Answer: The act of dividing a network into
multiple smaller networks, each acting as its own small network
(subnet)
◉choke points. Answer: certain points in the network, such as
routers, firewalls, or proxies, where we can inspect, filter, and
control network traffic
, ◉redundancy. Answer: a method of security that involves designing
a network to always have another route if something fails or loses
connection
◉firewall. Answer: a mechanism for maintaining control over the
traffic that flows into and out of our networks
◉packet filtering. Answer: A firewall technology that inspects the
contents of each packet in network traffic individually and makes a
gross determination (based on source and destination IP address,
port number, and the protocol being used) of whether the traffic
should be allowed to pass
◉SPI (Stateful Packet Inspection). Answer: a firewall that can watch
packets and monitor the traffic from a given connection
◉DPI (Deep Packet Inspection). Answer: a firewall technology that
can analyze the actual content of the traffic that is flowing through
◉proxy server. Answer: a specialized type of firewall that can serve
as a choke point, log traffic for later inspection, and provides a layer
of security by serving as a single source of requests for the devices
behind it
INFORMATION SECURITY STUDY SCRIPT
2026 COMPLETE QUESTIONS AND
CORRECT ANSWERS
◉anti-malware tool. Answer: A type of tool that uses signature
matching or anomaly detection (heuristics) to detect malware
threats, either in real-time or by performing scans of files and
processes
◉heuristics. Answer: the process of anomaly detection used by anti-
malware tools to detect malware without signatures
◉executable space protection. Answer: A hardware and software-
based technology that prevents certain portions of the memory used
by the operating system and applications from being used to execute
code
◉buffer overflow (overrun). Answer: The act of inputting more data
than an application is expecting from a particular input, creating the
possibility of executing commands by specifically crafting the excess
data
,◉ASLR (Address Space Layout Randomization). Answer: a security
method that involves shifting the contents of memory around to
make tampering difficult
◉software firewall. Answer: This type of firewall generally contains
a subset of the features on a large firewall appliance but is often
capable of similar packet filtering and stateful packet inspection
activities
◉HIDS (host-based intrusion detection system). Answer: a system
used to analyze the activities on or directed at the network interface
of a particular host.
* may communicate with management device by sending regular
beacons
◉scanner. Answer: a type of tool that can detect various security
flaws when examining hosts
◉vulnerability assessment tool. Answer: A tool that is aimed
specifically at the task of finding and reporting network services on
hosts that have known vulnerabilities
◉Nessus. Answer: A well-known vulnerability assessment tool that
includes a port scanner
,◉exploit framework. Answer: A group of tools that can include
network mapping tools, sniffers, and exploits
◉exploits. Answer: small bits of software that take advantage of
flaws in software/applications in order to cause them to behave in
ways that were not intended by their creators
◉Metasploit, Immunity CANVAS, Core Impact. Answer: Name 3
examples of exploit frameworks
◉security in network design. Answer: This method of security
involves a well-configured and patched network, and incorporating
elements such as network segmentation, choke points, and
redundancy
◉network segmentation. Answer: The act of dividing a network into
multiple smaller networks, each acting as its own small network
(subnet)
◉choke points. Answer: certain points in the network, such as
routers, firewalls, or proxies, where we can inspect, filter, and
control network traffic
, ◉redundancy. Answer: a method of security that involves designing
a network to always have another route if something fails or loses
connection
◉firewall. Answer: a mechanism for maintaining control over the
traffic that flows into and out of our networks
◉packet filtering. Answer: A firewall technology that inspects the
contents of each packet in network traffic individually and makes a
gross determination (based on source and destination IP address,
port number, and the protocol being used) of whether the traffic
should be allowed to pass
◉SPI (Stateful Packet Inspection). Answer: a firewall that can watch
packets and monitor the traffic from a given connection
◉DPI (Deep Packet Inspection). Answer: a firewall technology that
can analyze the actual content of the traffic that is flowing through
◉proxy server. Answer: a specialized type of firewall that can serve
as a choke point, log traffic for later inspection, and provides a layer
of security by serving as a single source of requests for the devices
behind it
