WGU C845 Information Systems Security
Exam 2026 Questions and Answers
Graded A+
AAA, Triple A - Correct answer-Referred to as the AAA of access control:
authentication, authorization, and accounting
algorithm - Correct answer-A mathematical function cryptographic algorithm that
encrypts or decrypts text
authentication - Correct answer-Method used to verify the identity claim of a user
authorization - Correct answer-The act of defining the network resources,
applications, and data that may be accessed by a user
availability - Correct answer-One of the central principles of the AIC triad. A core
goal of a security professional is to ensure that data and hardware are available
when the user requires them
©COPYRIGHT 2025,ALL RIGHTS RESERVED 1
,confidentiality - Correct answer-One of the central principles of the AIC triad;
represents a core goal of the security professional to ensure, possibly through
encryption, that sensitive information is protected from exposure
due care - Correct answer-The taking of actions that a reasonable and prudent
person would take in a given situation
due diligence - Correct answer-Refers to taking actions that prevent harm to
persons or their property
identification - Correct answer-A unique designation assigned to a member of a
group. A claim presented when desiring access
integrity - Correct answer-One of the central principles of the AIC triad; represents
a core goal of a security professional, to ensure that no changes have occurred to
data or a system, thus ensuring the data's integrity
job rotation - Correct answer-The act of shifting individuals between roles and
responsibilities to prohibit security violations
least privilege - Correct answer-Security principle that individuals are provided
with the least amount of information required to perform their jobs or duties
©COPYRIGHT 2025,ALL RIGHTS RESERVED 2
, mandatory vacation - Correct answer-A security control that allows the monitoring
of business functions without the availability of a principal or responsible
individual
separation of duties - Correct answer-A security program in which two or more
people are required to independently perform activities to complete an action
user ID - Correct answer-An assigned identification. Every user of the system
should have a unique user ID. Its use must still be authenticated
certification - Correct answer-The successful conclusion after a system or
application has been tested against preestablished standards
vulnerability assessment - Correct answer-The organized set of steps used to
identify and analyse threats and vulnerabilities to determine an organization's
overall risk
access control list (ACL) - Correct answer-A list of subjects and assigned rights
used in access control.
administrative controls - Correct answer-Controls put in place to enforce policies
and directives as dictated by the organization
biometrics - Correct answer-Hardware or software used to measure human
characteristics as part of an authentication system
©COPYRIGHT 2025,ALL RIGHTS RESERVED 3
Exam 2026 Questions and Answers
Graded A+
AAA, Triple A - Correct answer-Referred to as the AAA of access control:
authentication, authorization, and accounting
algorithm - Correct answer-A mathematical function cryptographic algorithm that
encrypts or decrypts text
authentication - Correct answer-Method used to verify the identity claim of a user
authorization - Correct answer-The act of defining the network resources,
applications, and data that may be accessed by a user
availability - Correct answer-One of the central principles of the AIC triad. A core
goal of a security professional is to ensure that data and hardware are available
when the user requires them
©COPYRIGHT 2025,ALL RIGHTS RESERVED 1
,confidentiality - Correct answer-One of the central principles of the AIC triad;
represents a core goal of the security professional to ensure, possibly through
encryption, that sensitive information is protected from exposure
due care - Correct answer-The taking of actions that a reasonable and prudent
person would take in a given situation
due diligence - Correct answer-Refers to taking actions that prevent harm to
persons or their property
identification - Correct answer-A unique designation assigned to a member of a
group. A claim presented when desiring access
integrity - Correct answer-One of the central principles of the AIC triad; represents
a core goal of a security professional, to ensure that no changes have occurred to
data or a system, thus ensuring the data's integrity
job rotation - Correct answer-The act of shifting individuals between roles and
responsibilities to prohibit security violations
least privilege - Correct answer-Security principle that individuals are provided
with the least amount of information required to perform their jobs or duties
©COPYRIGHT 2025,ALL RIGHTS RESERVED 2
, mandatory vacation - Correct answer-A security control that allows the monitoring
of business functions without the availability of a principal or responsible
individual
separation of duties - Correct answer-A security program in which two or more
people are required to independently perform activities to complete an action
user ID - Correct answer-An assigned identification. Every user of the system
should have a unique user ID. Its use must still be authenticated
certification - Correct answer-The successful conclusion after a system or
application has been tested against preestablished standards
vulnerability assessment - Correct answer-The organized set of steps used to
identify and analyse threats and vulnerabilities to determine an organization's
overall risk
access control list (ACL) - Correct answer-A list of subjects and assigned rights
used in access control.
administrative controls - Correct answer-Controls put in place to enforce policies
and directives as dictated by the organization
biometrics - Correct answer-Hardware or software used to measure human
characteristics as part of an authentication system
©COPYRIGHT 2025,ALL RIGHTS RESERVED 3
