ASSESSMENT NEWEST 2026 EXAM 300 QUESTIONS AND COR
SECTION 1: CORE SECURITY PRINCIPLES (CIA Triad & Parkerian Hexad)
Questions 1-25
Question 1
Which of the following best describes the "Confidentiality" principle of
information security?
A) Ensuring that data is accurate and has not been tampered with
B) Ensuring that data is available when needed by authorized users
C) Ensuring that data is only accessible to authorized individuals
D) Ensuring that data is stored in encrypted format at all times
Answer: C
Rationale: Confidentiality is about preventing unauthorized access to data. It
ensures that only those with proper permissions can view or access sensitive
information. Encryption is a method used to enforce confidentiality, but the
principle itself focuses on access restriction.
Question 2
An attacker intercepts and alters a communication between two parties. Which
two principles of the CIA Triad have been violated?
A) Confidentiality and Availability
B) Integrity and Availability
C) Confidentiality and Integrity
D) Authenticity and Utility
Answer: C
Rationale: Intercepting the communication violates Confidentiality (unauthorized
access to data), while altering the message violates Integrity (unauthorized
modification of data). This is a classic example of a man-in-the-middle attack
targeting both confidentiality and integrity.
Question 3
A denial-of-service (DoS) attack primarily targets which security principle?
A) Confidentiality
B) Integrity
C) Availability
D) Non-repudiation
Answer: C
Rationale: Availability ensures that information and resources are accessible to
authorized users when needed. A DoS attack floods a system with traffic or
requests, making it unavailable to legitimate users—this directly attacks
availability.
Question 4
What does the CIA Triad stand for?
A) Control, Integrity, Access
B) Confidentiality, Integrity, Availability
C) Cyber, Information, Access
D) Control, Information, Authorization
Answer: B
Rationale: The CIA Triad is the foundational model of information security,
representing Confidentiality, Integrity, and Availability. These three principles
guide all security decisions and controls.
Question 5
A system that provides proof of the integrity and origin of data is said to provide:
A) Non-repudiation
B) Authentication
C) Authorization
D) Accounting
Answer: A
Rationale: Non-repudiation ensures that a party cannot deny having performed a
particular action, typically through digital signatures and audit logs. This provides
proof of both data integrity and origin.
Question 6