Information Security Exam Questions and Answers
Question 1
Define the incident response process and its stages.
Correct Answer
Preparation
Detection and analysis
Containment
Eradication
Recovery
Question 2
Defense in Depth
Correct Answer
employing multiple layers of controls to avoid a single point of failure
Page 1 of 257
Question 3
Auditing
Correct Answer
Hold users of your system accountable. A methodical examination and review of an
organization's records.
Question 4
privacy
Correct Answer
the right of people not to reveal information about themselves
Question 5
Define information security.
Correct Answer
The protection of information and information systems from unauthorized access,
use, disclosure, disruption, modification, or destruction in order to provide
confidentiality, integrity, and availability.
Question 6
Identify password security best practices.
Correct Answer
Upper case
Lower case
Numbers
Symbols
Question 1: A financial institution requires employees to authenticate using a
password and a biometric scan before accessing customer records. Which security
concept is being applied?
A. Separation of duties
B. Least privilege
C. Multi-factor authentication
D. Role-based access control
CORRECT ANSWER: C. Multi-factor authentication
Rationale: Multi-factor authentication (MFA) requires two or more distinct
authentication factors: something you know (password), something you have
(token), or something you are (biometric). Using a password plus a biometric scan
satisfies the "knowledge" and "inherence" factors. Separation of duties (A) divides
critical tasks among multiple users. Least privilege (B) grants only necessary access.
RBAC (D) assigns permissions based on job roles.
Question 2: Which cryptographic method uses the same key for both encryption
and decryption?
A. Asymmetric encryption
B. Symmetric encryption
C. Hashing
D. Digital signatures
CORRECT ANSWER: B. Symmetric encryption
Rationale: Symmetric encryption uses a single shared secret key for both encrypting
plaintext and decrypting ciphertext. Examples include AES, DES, and 3DES.
Asymmetric encryption (A) uses a public/private key pair. Hashing (C) is one-way
and does not decrypt. Digital signatures (D) use asymmetric cryptography for
authentication and integrity.
Question 3: A company experiences a ransomware attack that encrypts critical
servers and demands payment for the decryption key. Which security control would
BEST prevent this type of incident from causing permanent data loss?
A. Intrusion detection system (IDS)
B. Regular offline backups with tested recovery procedures
C. Network segmentation
D. Endpoint detection and response (EDR)
CORRECT ANSWER: B. Regular offline backups with tested recovery procedures
Rationale: Offline, air-gapped backups that are regularly tested ensure data can be
restored without paying ransoms, directly addressing the availability and integrity
impact of ransomware. IDS (A) and EDR (D) detect or respond to threats but do not
guarantee data recovery. Network segmentation (C) limits lateral movement but
does not replace backups.
Question 4: Which access control model assigns permissions based on security
clearances and data classification labels?