EXAM OBJECTIVE ASSESSMENT NEWEST 2025/2026 TEST
BANK ACTUAL EXAM 300 QUESTIONS AND CORRECT
DETAILED ANSWERS (VERIFIED ANSWERS) |ALREADY
GRADED A
1.Protecting data, software, and hardware against unauthorized
access, use, disclosure, disruption, modification, or destruction.
..ANSWER..Information security
The requirements that are set forth by laws and industry regulations.
2.Ex.: HIPAA/HITECH - healthcare, PCI/DSS - payment card industry,
FISMA- federal government agencies ..ANSWER..Compliance
3.Disclosure, alteration, and denial ..ANSWER..DAD Triad
4.The core model of all information security concepts. Confidentiality,
integrity, and availability ..ANSWER..CIA Triad
5.Ability to protect our data from those who are not authorized to view
it. ..ANSWER..Confidential
6.Keeping data unaltered by accidental or malicious intent
..ANSWER..integrity
Prevent unauthorized changes to the data and the ability to reverse
unwanted authorized changes.
7.Via system/file permissions or Undo/Roll back undesirable changes.
..ANSWER..How to maintain integrity?
8.The ability to access data when needed ..ANSWER..Availability
- Power loss
- Application issues
- Network attacks
- System compromised (DoS) ..ANSWER..Ways Availability can be compromised
8.Security problem in which users are not able to access an information
system; can be caused by human errors, natural disaster, or malicious
activity. ..ANSWER..Denial of Service (DoS)
9.A model that adds three more principles to the CIA triad:
Possession/Control
Utility
Authenticity ..ANSWER..Parkerian hexad model
10.Refers to the physical disposition of the media on which the data is
stored; This allows you to discuss loss of data via its physical medium.
..ANSWER..Possession/ control
Lost package (encrypted USBs and unencrypted USBs);
possession is an issue because the tapes are physically lost.
11.(Unencrypted is compromised via confidentiality and possession;
encrypted is compromised only via possession). ..ANSWER..Principle of
Possession example
12.Allows you to say whether you've attributed the data in question to
the proper owner/creator. ..ANSWER..Principle of Authenticity
13.Sending an email but altering the message to look like it came from
someone else, rather than the original sender. ..ANSWER..Ways
authenticity can be compromised
14.How useful the data is to you.
Ex. Unencrypted (a lot of utility) Encrypted (little utility).
..ANSWER..Utility
15.Broken down from the type of attack, risk the attack represents, and
controls you might use to mitigate it. ..ANSWER..Security Attacks
1- interception
2- interruption
3- modification
4- fabrication ..ANSWER..Types of attacks
Attacks that allow unauthorized users to access our data, applications, or
environments.
Primarily an attack against confidentiality ..ANSWER..Interception
Unauthorized file viewing, copying, eavesdropping on phone
conversations, reading someone's emails. ..ANSWER..Interception
Attack Examples
Attacks cause our assets to become unstable or unavailable for our use,
on a temporary or permanent basis.
This attack affects availability but can also attack integrity
..ANSWER..Interruption
DoS attack on a mail server; availability attack
Attacker manipulates the processes on which a database runs to
prevent access; integrity attack.
Could also be a combo of both. ..ANSWER..Interruption Attack
Examples
Attacks involve tampering with our asset.
Such attacks might primarily be considered an integrity attack, but
could also be an availability attack. ..ANSWER..Modification
Accessing a file in an unauthorized manner and altering the data it contains;
affects the integrity.
If the file in question is a config file that manages how a service
behaves (web server) this may affect the availability.