Security OA 2025/2026 — Complete Actual Exam Questions & Verified Correct Answers | A+ Graded | 100% Pass Guaranteed
Information security - ANSWER "protecting information and information
systems from unauthorized access, use, disclosure, disruption, modification, or
destruction." - US law protection of digital assets.
secure - ANSWER It's difficult to define what it means to be truly secure.
When you can spot insecurities, you can take steps to mitigate them. Although
you'll never get to a truly secure state, you can take steps in the right direction.
m; as you increase the level of security, you decrease the level of productivity. The
cost of security should never outstrip the value of what it's protecting.
data at rest and in motion (and in use) - ANSWER data at rest is stored data not
in the process of being moved; usually protected with encryption at the level of the
file or the entire storage device.
Data in motion is data that is in the process of being moved; usually protected with
encryption, but in this case, the encryption protects the network protocol or the
path of the data.
Data in use is the data that is actively being accessed at the moment. Protection
includes permissions and authentication of users. Could be conflated with data in
motion.
defense by layer - ANSWER The layers of your defense-in-depth strategy will
vary depending on the situation and environment.
logical (nonphysical) layers: external network, network perimeter, internal
network, host, application, and data layers as areas to place your defenses.
m; defenses for layers can appear in more than one area. Penetration testing, for
example, can and should be used in all layers.
hash functions (aka keyless cryptography) - ANSWER a third type of modern
cryptography that doesn't use a key; instead THIS converts the plaintext into a
largely unique and fixed-length value, commonly referred to as a hash.
m; you can't use a hash to determine its input data. Provides data integrity because
each unique input will have a unique hash.
A collision is when two different sets of data have the same hash.
ex; MD5, SHA
digital signature - ANSWER an extension of hash functions to guarantee a
message has not been altered.
m; encrypts the hash with the public key of an asymmetric algorithm to ensure that
the message was sent by the expected party and to ensure nonrepudiation on the
part of the sender.
digital certificates - ANSWER an electronic document used to associate an
individual, a server, or an organization with a public key; the purpose is to verify
an identity.
m; the receiver can check with a certificate authority to determine whether the
certificate is legitimate.
ex; think of THIS as a driver's license and a certificate authority as the DMV.
principle of least privilege - ANSWER dictates that you should give a party
only the bare minimum level of access it needs to perform its functionality.
compliance - ANSWER adherence to the rules and regulations that govern the
information you handle and the industry within which you operate. There are two
types: regulatory and industry.
regulatory compliance - ANSWER adherence to the laws specific to the
industry in which you're operating.
Industry compliance - ANSWER adherence to regulations that aren't mandated
by law but that can nonetheless have severe impacts upon your ability to conduct
business.
Information security policy - ANSWER A document that defines information
security for an organization.
m; complying with this requirement means both putting a policy in place and being
able to prove that you've followed it with regular documentation.
key controls - ANSWER the primary controls used to manage risk in your
environment and have the following characteristics:
Provides a reasonable degree of assurance that the risk will be mitigated.
If the control fails, it is unlikely that another control could take over for it.
The failure of this control will affect the entire process.
compensating controls - ANSWER controls that replace impractical or
unfeasible key controls.
cloud models - ANSWER The cloud provider must take responsibility for the
portions of the environment that the users can't control.
infrastructure as a service (IaaS) - ANSWER provides access to virtual servers
and storage; requires adopting a greater level of responsibility.
ex; Google Cloud, Amazon Web Services.
platform as a service (PaaS) - ANSWER provides prebuilt servers, such as
database or web servers; gives you some level of control and requires adopting
some level of responsibility.