Security ACTUAL EXAM 2026/2027 | Information Security Fundamentals | Verified Q&A | Pass Guaranteed - A+ Graded
Section 1: Security Foundations & Principles (12 questions)
Q1: A healthcare organization implements role-based access controls to ensure only authorized
physicians can view patient medical records. Which principle of the CIA triad is primarily being
protected?
A. Integrity
B. Confidentiality. [CORRECT]
C. Availability
D. Non-repudiation
Correct Answer: B
Rationale: Confidentiality ensures that sensitive information is accessible only to those authorized to
have access. Role-based access controls prevent unauthorized disclosure of patient data, directly
protecting confidentiality rather than data accuracy or system uptime.
Q2: An e-commerce website implements digital signatures for all purchase transactions. Which security
service is being provided?
A. Confidentiality
B. Integrity
C. Non-repudiation. [CORRECT]
D. Availability
Correct Answer: C
Rationale: Digital signatures provide non-repudiation by cryptographically binding a sender to their
message, preventing them from later denying they made the transaction. This creates legally
enforceable proof of origin and commitment.
Q3: A bank implements multiple security layers including firewalls, intrusion detection systems,
encryption, and access controls to protect its online banking platform. This approach exemplifies:
A. Single sign-on
B. Defense in depth. [CORRECT]
C. Least privilege
D. Separation of duties
Correct Answer: B
Rationale: Defense in depth employs multiple overlapping security controls so that if one layer fails,
others remain to protect assets. This layered approach assumes no single control is perfect and creates
redundant protection across network, application, and data layers.
Q4: Which authentication factor category includes fingerprints and retinal patterns?
A. Something you know
B. Something you have
C. Something you are. [CORRECT]
D. Somewhere you are
Correct Answer: C
Rationale: Biometric characteristics (fingerprints, retinal patterns, facial recognition) represent
"something you are"—inherent physical or behavioral traits. These are difficult to replicate or share
compared to knowledge-based or possession-based factors.
Q5: An organization implements a policy requiring employees to use the minimum necessary
permissions to perform their job functions. This principle is known as:
A. Separation of duties
B. Least privilege. [CORRECT]
C. Need to know
D. Two-person integrity
Correct Answer: B
Rationale: Least privilege restricts users and processes to the minimum access rights required to
complete their tasks, limiting the potential damage from accidents, errors, or compromised credentials.
This reduces the attack surface and blast radius of security incidents.
Q6: Which security principle requires that critical tasks be divided among multiple individuals to prevent
fraud or error?
A. Least privilege
B. Separation of duties. [CORRECT]
C. Defense in depth
D. Fail secure
Correct Answer: B
Rationale: Separation of duties ensures no single individual has complete control over a critical process
(e.g., authorization, custody, and recording of assets divided among different people). This prevents
both intentional fraud and unintentional errors by requiring collusion for misuse.
Q7: A system is designed to lock all accounts and deny access when a critical security component fails.
This design follows which principle?
A. Fail open
B. Fail secure. [CORRECT]
C. Fail soft
D. Failover
Correct Answer: B
Rationale: Fail secure (fail safe) designs default to a secure state when failures occur, prioritizing
security over availability. This prevents unauthorized access during system malfunctions, though it may
deny service to legitimate users until recovery.
Q8: Which term describes the assurance that data has not been altered or destroyed in an unauthorized
manner?
A. Confidentiality
B. Integrity. [CORRECT]
C. Availability
D. Authenticity
Correct Answer: B
Rationale: Integrity ensures data accuracy and completeness throughout its lifecycle, protecting against
unauthorized modification, deletion, or corruption. Hash functions, digital signatures, and version
controls are common integrity protection mechanisms.
Q9: An organization implements a security control to ensure systems remain accessible during a DDoS
attack. Which aspect of the CIA triad is being addressed?