WGU D430 FUNDAMENTALS OF
INFORMATION SECURITY EXAM ACTUAL
OBJECTIVE ASSESSMENT 2026 TEST
BANK QUESTIONS AND VERIFIED
ANSWERS
3DES - CORRECT ANSWER: DES used to encrypt each block three times , each with a
different key
Access Control List - CORRECT ANSWER: info about what kind of access certain
parties are allowed to have to a given system
Read , write , execute
Access Control Models - CORRECT ANSWER: Discretionary ( DAC )
,Mandatory ( MAC )
Rule - based
Role - based ( RBAC )
Attribute - based ( ABAC )
Accountability - CORRECT ANSWER: Refers to making sure that a person is
responsible for their actions .
-It provides us with the means to trace activities in our environment back to their source
.
-Depends on identification , authentication , and access control being present so that we
can know who a given transaction is associated with , and what permissions were used
to allow them to carry it out .
Acess Control - CORRECT ANSWER: Allowing - lets us give a particular party access
to a given source
Denying - opposite of gaining access
Limiting - allowing some access to our resource , only up to a certain point
Revoking - takes access away from former user
AES - CORRECT ANSWER: uses three different ciphers : one with a 128 - bit key , one
with a 192 - bit key , and one with a 256 - bit key , all having a block length of 128 bits
Asymmetric cryptography - CORRECT ANSWER: a public key and a private key . The
public key is used to encrypt data sent from the sender to the receiver and is shared
with everyone . Private keys are used to decrypt data that arrives at the receiving end
and are very carefully guarded by the receive ( aka the public key cryptography )
Asymmetric Key Algorithms - CORRECT ANSWER: Secure Sockets Layer ( RSA )
Elliptic Curve Cryptography ( ECC )
Pretty Good Privacy ( PGP )
Transport Layer Security ( TLS )
Attack Types - CORRECT ANSWER: Interception
Interruption
Modification
Fabrication
Attack types and their effect - CORRECT ANSWER: Interception is the ONLY attack
that affects on confidentiality. Interruption, modification, and fabrication affects integrity
and availability because most of the time they're impacting data.
Attribute - based ( ABAC ) - CORRECT ANSWER: based on attributes , such as of a
person , resource , or an environment
, Auditing - CORRECT ANSWER: the examination and review of an organization's
records to ensure accountability through technical means .
Authentication - CORRECT ANSWER: verifying that a person is who they claim to be
Authorization - CORRECT ANSWER: what the user can access , modify , and delete
Availability - CORRECT ANSWER: For one's AUTHORIZED to ACCESS data when
needed
BinScope Binary Analyzer - CORRECT ANSWER: a tool developed by Microsoft to
examine source code for general good practices
Block Cipher - CORRECT ANSWER: takes a predetermined number of bits , known as
a block , in the plaintext message and encrypts that block
Brute Force - CORRECT ANSWER: an attack by submitting password attempts until
eventually guessed correctly
Buffer overflows - CORRECT ANSWER: a vulnerability that occurs when we do not
properly store the size of the data input into our applications , causing the program to
crash and an attacker to take advantage
Certificates - CORRECT ANSWER: link a public key to a particular individual and are
often used as a form of electronic identification for that particular person
Childrens ' Online Privacy Protection Act (COPPA) - CORRECT ANSWER: sets rules
on data collection for children under 13 to protect their online privacy
CIA Triad - CORRECT ANSWER: Confidential - allowing only those authorized to
access the data requested
Integrity - keeping data unaltered in an unauthorized manner and reliable
Availability - the ability for those authorized to access data when needed
Compliance - CORRECT ANSWER: conforming to a rule , such as specification , policy
, standard or law
Confidentiality - CORRECT ANSWER: WHO can access the data
Containment - CORRECT ANSWER: involves taking steps to ensure that the situation
does not cause any more damage than it already has , or to at least lessen any ongoing
harm
Cross - Site Scripting ( XSS ) - CORRECT ANSWER: an attack carried out by placing
INFORMATION SECURITY EXAM ACTUAL
OBJECTIVE ASSESSMENT 2026 TEST
BANK QUESTIONS AND VERIFIED
ANSWERS
3DES - CORRECT ANSWER: DES used to encrypt each block three times , each with a
different key
Access Control List - CORRECT ANSWER: info about what kind of access certain
parties are allowed to have to a given system
Read , write , execute
Access Control Models - CORRECT ANSWER: Discretionary ( DAC )
,Mandatory ( MAC )
Rule - based
Role - based ( RBAC )
Attribute - based ( ABAC )
Accountability - CORRECT ANSWER: Refers to making sure that a person is
responsible for their actions .
-It provides us with the means to trace activities in our environment back to their source
.
-Depends on identification , authentication , and access control being present so that we
can know who a given transaction is associated with , and what permissions were used
to allow them to carry it out .
Acess Control - CORRECT ANSWER: Allowing - lets us give a particular party access
to a given source
Denying - opposite of gaining access
Limiting - allowing some access to our resource , only up to a certain point
Revoking - takes access away from former user
AES - CORRECT ANSWER: uses three different ciphers : one with a 128 - bit key , one
with a 192 - bit key , and one with a 256 - bit key , all having a block length of 128 bits
Asymmetric cryptography - CORRECT ANSWER: a public key and a private key . The
public key is used to encrypt data sent from the sender to the receiver and is shared
with everyone . Private keys are used to decrypt data that arrives at the receiving end
and are very carefully guarded by the receive ( aka the public key cryptography )
Asymmetric Key Algorithms - CORRECT ANSWER: Secure Sockets Layer ( RSA )
Elliptic Curve Cryptography ( ECC )
Pretty Good Privacy ( PGP )
Transport Layer Security ( TLS )
Attack Types - CORRECT ANSWER: Interception
Interruption
Modification
Fabrication
Attack types and their effect - CORRECT ANSWER: Interception is the ONLY attack
that affects on confidentiality. Interruption, modification, and fabrication affects integrity
and availability because most of the time they're impacting data.
Attribute - based ( ABAC ) - CORRECT ANSWER: based on attributes , such as of a
person , resource , or an environment
, Auditing - CORRECT ANSWER: the examination and review of an organization's
records to ensure accountability through technical means .
Authentication - CORRECT ANSWER: verifying that a person is who they claim to be
Authorization - CORRECT ANSWER: what the user can access , modify , and delete
Availability - CORRECT ANSWER: For one's AUTHORIZED to ACCESS data when
needed
BinScope Binary Analyzer - CORRECT ANSWER: a tool developed by Microsoft to
examine source code for general good practices
Block Cipher - CORRECT ANSWER: takes a predetermined number of bits , known as
a block , in the plaintext message and encrypts that block
Brute Force - CORRECT ANSWER: an attack by submitting password attempts until
eventually guessed correctly
Buffer overflows - CORRECT ANSWER: a vulnerability that occurs when we do not
properly store the size of the data input into our applications , causing the program to
crash and an attacker to take advantage
Certificates - CORRECT ANSWER: link a public key to a particular individual and are
often used as a form of electronic identification for that particular person
Childrens ' Online Privacy Protection Act (COPPA) - CORRECT ANSWER: sets rules
on data collection for children under 13 to protect their online privacy
CIA Triad - CORRECT ANSWER: Confidential - allowing only those authorized to
access the data requested
Integrity - keeping data unaltered in an unauthorized manner and reliable
Availability - the ability for those authorized to access data when needed
Compliance - CORRECT ANSWER: conforming to a rule , such as specification , policy
, standard or law
Confidentiality - CORRECT ANSWER: WHO can access the data
Containment - CORRECT ANSWER: involves taking steps to ensure that the situation
does not cause any more damage than it already has , or to at least lessen any ongoing
harm
Cross - Site Scripting ( XSS ) - CORRECT ANSWER: an attack carried out by placing
