WGU D430 Fundamentals of Information Security 2025/2026:
Comprehensive Graded A+ Questions and Complete Solutions with
Detailed Explanations, Guaranteed Pass
Define confidentiality in the CIA triad. - ANSWER=Our ability to protect data from those who
are not authorized to view it.
Protecting data in use - ANSWER=We are somewhat limited in our ability to protect data while it
is being used by those who legitimately have access to it. Authorized users can print files, move
them to other machines or storage devices, etc.
Rivest-Shamir-Adleman - ANSWER=encryption algorithm
Which term is synonymous with symmetric cryptography? - ANSWER=Secret key cryptography
Which term is synonymous with asymmetric cryptography? - ANSWER=Public key cryptography
regulatory compliance - ANSWER=Regulations mandated by law usually requiring regular audits
and assessments
industry compliance - ANSWER=Regulations or standards designed for specific industries that
may impact ability to conduct business (e.g. PCI DSS)
privacy - ANSWER=the right of people not to reveal information about themselves
GLBA - ANSWER="Gramm-Leach-Bliley Act" (Financial Services Modernization Act of 1999)
repealed a 1933 law that barred the consolidation of financial institutions and insurance
companies. Included within GLBA are multiple sections relating to the privacy of financial
information. Companies must provide written notice to consumers of their privacy rights and
explain the company's procedures for safeguarding data.
laws and regulations - ANSWER=FISMA - the FI stands for "federal information"
FERPA - the E stands for "educational"
HIPAA - the HI stands for "health insurance"
HITECH - TECH means "technology"
PCI DSS - the C stands for "credit card"
COPPA - the CO stands for "children online"
SOX - rhymes with "stocks", so think of finance
GLBA - this is the only one you would have to memorize
Confidentiality - ANSWER=WHO can access the data
Integrity - ANSWER=Keeping the data UNALTERED
Availability - ANSWER=For ones AUTHORIZED to ACCESS data when needed
Attack types and their effect - ANSWER=Interception is the ONLY attack that affects
confidentiality. Interruption, modification, and fabrication affect integrity and availability
because most of the time they're impacting data.
Examples of confidentiality - ANSWER=A patron using an ATM card wants to keep their PIN
number confidential.
An ATM owner wants to keep bank account numbers confidential.
How can confidentiality be broken? - ANSWER=Losing a laptop
An attacker gets access to info
A person can look over your shoulder
Define integrity in the CIA triad. - ANSWER=The ability to prevent people from changing your
data and the ability to reverse unwanted changes.
How do you control integrity? - ANSWER=Permissions restrict what users can do (read, write,
etc.)
Firewalls - ANSWER=controls access to a network and the traffic that flows into and out of our
networks, naturally creating network segmentation when installed
Virtual Private Network (VPN) - ANSWER=the use of private networks to provide a solution for
sending sensitive traffic over unsecure networks
HIPAA - ANSWER=Health Insurance Portability and Accountability Act. Purpose is to improve the
efficiency and effectiveness of the health care system. Requires privacy protections for
individuals' health information
HITECH - ANSWER=Health Information Technology for Economic and Clinical Health Act. Created
to promote and expand the adoption of health information technology, specifically the use of
electronic health records.
US Patriot Act - ANSWER=Purpose is to deter and punish terrorist acts in the United States and
around the world
E-FOIA - ANSWER=Electronic Freedom of Information Act. Requires agencies to provide the
public with electronic access to any of their reading room records that have been created by
them since November 1996
CFAA - ANSWER=Computer Fraud and Abuse Act of 1986. A law to reduce the hacking and
cracking of government or other sensitive institutions' computer systems
CAN-SPAM Act - ANSWER=Controlling the Assault of Non-Solicited Pornography and Marketing
Act; protects consumers against unwanted email solicitations
COPPA - ANSWER=Children's Online Privacy Protection Act: a law that intends to keep children
under the age of 13 protected from the collection of private information and safety risks online.
PCI DSS - ANSWER=Payment Card Industry Data Security Standard. Security standards designed
to ensure all companies that accept, process, or transmit credit card information maintain a
secure environment (not a law)
Packet filtering - ANSWER=a technique used by a firewall to allow/block certain types of network
traffic based on the IP, port, and protocol being used.
Examples of integrity - ANSWER=Data used by a doctor to make medical decisions needs to be
correct or the patient can die.
Define availability in the CIA triad. - ANSWER=Our data needs to be accessible when we
need it.
How can availability be broken? - ANSWER=Loss of power, application problems. If caused by an
attacker, this is a Denial of Service attack.
Define information security. - ANSWER=The protection of information and information systems
from unauthorized access, use, disclosure, disruption, modification, or destruction in order to
provide confidentiality, integrity, and availability.
Define the Parkerian Hexad and its principles. - ANSWER=The Parkerian Hexad includes
confidentiality, integrity, and availability from the CIA triad. It also includes possession (or
control), authenticity, and utility.