WGU D430 FUNDAMENTALS OF INFORMATION
SECURITY STUDY GUIDE EXAM QUESTIONS WITH
100% CORRECT ANSWERS LATEST UPDATE
2025/2026 NEW MODIFIED EXAM
Identify the four types of attacks -- ANSWER--interception, interruption,
modification, and fabrication
Interception attacks -- ANSWER--Make your assets unusable or unavailable
Interruption attacks -- ANSWER--cause assets to become unusable or
unavailable for our use, on a temporary or permanent basis
Modification attacks -- ANSWER--Tampering with an asset
Fabrication attacks -- ANSWER--Generating data, process, and
communications
Define integrity in the CIA triad. -- ANSWER--The ability to prevent people
from changing your data and the ability to reverse unwanted changes.
How do you control integrity? -- ANSWER--Permissions restrict what users can
do (read, write, etc.)
Page 1 of 116
,Examples of integrity -- ANSWER--Data used by a doctor to make medical
decisions needs to be correct or the patient can die.
Define the confidentiality in the CIA triad. -- ANSWER--Our ability to protect
data from those who are not authorized to view it.
Examples of confidentiality -- ANSWER--A patron using an ATM card wants
to keep their PIN number confidential.
An ATM owner wants to keep bank account numbers confidential.
How can confidentiality be broken? -- ANSWER--Losing a laptop
An attacker gets access to info
A person can look over your shoulder
Define the availability in the CIA triad. -- ANSWER--Our data needs to be
accessible when we need it.
How can availability be broken? -- ANSWER--Loss of power, application
problems. If caused by an attacker, this is a Denial of Service attack.
Define information security. -- ANSWER--The protection of information and
information systems from unauthorized access, use, disclosure, disruption,
Page 2 of 116
,modification, or destruction in order to provide confidentiality, integrity, and
availability.
Define the Parkerian Hexad and its principles. -- ANSWER--The Parkerian
Hexad includes confidentiality, integrity, and availability from the CIA triad. It
also includes possession (or control), authenticity, and utility.
Authenticity -- ANSWER--Whether the data in question comes from who or
where it says it comes from (i.e. did this person actually send this email?)
Confidentiality is affected by what type of attack? -- ANSWER--Interception
(eaves dropping)
Integrity is affected by what type of attacks? -- ANSWER--Interruption (assets
are unusable), modification (tampering with an asset), fabrication (generating
false data)
Authenticity is affected by what type of attacks? -- ANSWER--Interruption
(assets are unusable), modification (tampering with an asset), fabrication
(generating false data)
Utility -- ANSWER--How useful the data is to you (can be a spectrum, not just
yes or no)
Page 3 of 116
, Possession -- ANSWER--Do you physically have the data in question? Used to
describe the scope of a loss
Define the risk management process -- ANSWER--1. Identify assets
2. Identify threats
3. Assess vulnerabilities
4. Assess risks
5. Mitigate risks
Define the incident response process and its stages. -- ANSWER--Preparation
Detection and analysis
Containment
Eradication
Recovery
Preparation in incident response -- ANSWER--creating policies and procedures
Detection in incident response -- ANSWER--Using tools and humans to decide
if an incident is an incident
Page 4 of 116
SECURITY STUDY GUIDE EXAM QUESTIONS WITH
100% CORRECT ANSWERS LATEST UPDATE
2025/2026 NEW MODIFIED EXAM
Identify the four types of attacks -- ANSWER--interception, interruption,
modification, and fabrication
Interception attacks -- ANSWER--Make your assets unusable or unavailable
Interruption attacks -- ANSWER--cause assets to become unusable or
unavailable for our use, on a temporary or permanent basis
Modification attacks -- ANSWER--Tampering with an asset
Fabrication attacks -- ANSWER--Generating data, process, and
communications
Define integrity in the CIA triad. -- ANSWER--The ability to prevent people
from changing your data and the ability to reverse unwanted changes.
How do you control integrity? -- ANSWER--Permissions restrict what users can
do (read, write, etc.)
Page 1 of 116
,Examples of integrity -- ANSWER--Data used by a doctor to make medical
decisions needs to be correct or the patient can die.
Define the confidentiality in the CIA triad. -- ANSWER--Our ability to protect
data from those who are not authorized to view it.
Examples of confidentiality -- ANSWER--A patron using an ATM card wants
to keep their PIN number confidential.
An ATM owner wants to keep bank account numbers confidential.
How can confidentiality be broken? -- ANSWER--Losing a laptop
An attacker gets access to info
A person can look over your shoulder
Define the availability in the CIA triad. -- ANSWER--Our data needs to be
accessible when we need it.
How can availability be broken? -- ANSWER--Loss of power, application
problems. If caused by an attacker, this is a Denial of Service attack.
Define information security. -- ANSWER--The protection of information and
information systems from unauthorized access, use, disclosure, disruption,
Page 2 of 116
,modification, or destruction in order to provide confidentiality, integrity, and
availability.
Define the Parkerian Hexad and its principles. -- ANSWER--The Parkerian
Hexad includes confidentiality, integrity, and availability from the CIA triad. It
also includes possession (or control), authenticity, and utility.
Authenticity -- ANSWER--Whether the data in question comes from who or
where it says it comes from (i.e. did this person actually send this email?)
Confidentiality is affected by what type of attack? -- ANSWER--Interception
(eaves dropping)
Integrity is affected by what type of attacks? -- ANSWER--Interruption (assets
are unusable), modification (tampering with an asset), fabrication (generating
false data)
Authenticity is affected by what type of attacks? -- ANSWER--Interruption
(assets are unusable), modification (tampering with an asset), fabrication
(generating false data)
Utility -- ANSWER--How useful the data is to you (can be a spectrum, not just
yes or no)
Page 3 of 116
, Possession -- ANSWER--Do you physically have the data in question? Used to
describe the scope of a loss
Define the risk management process -- ANSWER--1. Identify assets
2. Identify threats
3. Assess vulnerabilities
4. Assess risks
5. Mitigate risks
Define the incident response process and its stages. -- ANSWER--Preparation
Detection and analysis
Containment
Eradication
Recovery
Preparation in incident response -- ANSWER--creating policies and procedures
Detection in incident response -- ANSWER--Using tools and humans to decide
if an incident is an incident
Page 4 of 116
