ACTUAL EXAM PAPER 2026 QUESTIONS
WITH ANSWERS GRADED A+
◍ Biba model.
Answer: Primarily concerned with protecting the integrity of data, even at
the expense of confidentiality. Two security rules: the simple integrity axiom
and the * integrity axiom
◍ protocol issues.
Answer: unauthenticated flaws in network protocols, authenticated flaws in
network protocols, flaws in authentication protocols
◍ AES (Advanced Encryption Standard).
Answer: A set of symmetric block ciphers endorsed by the US government
through NIST. Shares the same block modes that DES uses and also
includes other modes such as XEX-based Tweaked CodeBook (TCB) mode
◍ What is machine learning?
Answer: Machine learning is a subset of artificial intelligence that enables
systems to learn from data and improve their performance over time without
being explicitly programmed.
◍ What is descriptive analytics?
Answer: Descriptive analytics involves summarizing historical data to
understand what has happened in the past.
◍ What is cloud computing?
Answer: Cloud computing is the delivery of computing services over the
internet, allowing for on-demand access to resources like storage and
processing power.
◍ exploits.
Answer: small bits of software that take advantage of flaws in
software/applications in order to cause them to behave in ways that were not
intended by their creators
◍ detective controls.
Answer: controls designed to detect and report undesirable events that are
taking place
◍ validating user inputs.
Answer: a security best practice for all software; the most effective way of
mitigating SQL injection attacks
◍ If you don't know the threat, how do you know what to protect?.
Answer: The 1st Law of Haas' Laws of Operations Security
◍ Purple Dragon.
Answer: The codename of a study conducted to discover the cause of an
information leak during the Vietnam War; is now a symbol of OPSEC
◍ ACL (Access Control List).
Answer: typically built to a certain resource, these contain the identifiers of
the party allowed to access the resource and what that party is allowed to do
◍ hash function (message digest).
Answer: keyless cryptography that creates a largely unique and fixed-length
hash value based on the original message
◍ What are the 3 Vs of big data?
Answer: The 3 Vs of big data are Volume (amount of data), Velocity (speed
of data processing), and Variety (different types of data).
◍ DPI (Deep Packet Inspection).
Answer: a firewall technology that can analyze the actual content of the
traffic that is flowing through
◍ good sources of secure coding guidelines.
Answer: CERT, NIST 800, BSI, an organization's internal coding guidelines
◍ What is SQL?
Answer: SQL (Structured Query Language) is a standard programming
language used to manage and manipulate relational databases.
◍ identification.
Answer: the claim of what someone or something is
◍ accountability.
Answer: this provides us with the means to trace activities in our
environment back to their source
◍ plaintext (cleartext).
Answer: unencrypted data
◍ executable space protection.
Answer: A hardware and software-based technology that prevents certain
portions of the memory used by the operating system and applications from
being used to execute code
◍ cryptographic attack.
Answer: A type of attack that can occur when we fail to properly design our
security mechanisms when implementing cryptographic controls in our
applications
◍ something you have.
Answer: A swipe card is an example of this type of factor
◍ honeypot.
Answer: A type of tool that deliberately displays vulnerabilities or attractive
data so it can detect, monitor, and sometimes tamper with the activities of an
attacker
◍ mutual authentication.
Answer: An authentication mechanism in which both parties authenticate
each other; this can prevent a man-in-the-middle attack
◍ subject attributes.
Answer: Attributes of a particular individual, such as height