1|Page
WGU C836 FUNDAMENTALS OF INFORMATION
SECURITY OA 2025/ 2026 ACTUAL EXAM CURRENTLY
TESTING COMPLETE EXAM QUESTIONS WITH
DETAILED VERIFIED ANSWERS WITH RATIONALES
(100% CORRECT ANSWERS) /ALREADY GRADED
A+||LATEST EXAM!!!||
A new start-up company has started working on a social
networking website. The company has moved all its
source code to a cloud provider and wants to protect this
source code from unauthorized access.
Which cyber defense concept should the start-up
company use to maintain the confidentiality of its source
code?
A Alarm systems
B Account permissions
C Antivirus software
D File encryption - Answer-D
A company has an annual audit of installed software and
data storage systems. During the audit, the auditor asks
,2|Page
how the company's most critical data is used. This
determination helps the auditor ensure that the proper
defense mechanisms are in place to protect critical data.
Which principle of the Parkerian hexad is the auditor
addressing?
A Possession
B Integrity
C Authenticity
D Utility - Answer-D
Which web attack is possible due to a lack of input
validation?
A Extraneous files
B Clickjacking
C SQL injection
D Cross-site request forgery - Answer-C
,3|Page
Which file action implements the principle of confidentiality
from the CIA triad?
A Compression
B Hash
C Backup
D Encryption - Answer-D
Which cyber defense concept suggests limiting
permissions to only what is necessary to perform a
particular task?
A Authentication
B Authorization
C Defense in depth
D Principle of least privilege - Answer-D
A company institutes a new policy that "All office computer
monitors must face toward employees and must face
away from doorways. The monitor screens must not be
visible to people visiting the office."
, 4|Page
Which principle of the CIA triad is this company applying?
A Availability
B Confidentiality
C Utility
D Integrity - Answer-B
Which cybersecurity term is defined as the potential for an
attack on a resource?
A Impact
B Vulnerability
C Risk
D Threat - Answer-D
Which security type deliberately exposes a system's
vulnerabilities or resources to an attacker?
A Intrusion detection
B Firewalls
C Honeypots
D Intrusion prevention - Answer-C
WGU C836 FUNDAMENTALS OF INFORMATION
SECURITY OA 2025/ 2026 ACTUAL EXAM CURRENTLY
TESTING COMPLETE EXAM QUESTIONS WITH
DETAILED VERIFIED ANSWERS WITH RATIONALES
(100% CORRECT ANSWERS) /ALREADY GRADED
A+||LATEST EXAM!!!||
A new start-up company has started working on a social
networking website. The company has moved all its
source code to a cloud provider and wants to protect this
source code from unauthorized access.
Which cyber defense concept should the start-up
company use to maintain the confidentiality of its source
code?
A Alarm systems
B Account permissions
C Antivirus software
D File encryption - Answer-D
A company has an annual audit of installed software and
data storage systems. During the audit, the auditor asks
,2|Page
how the company's most critical data is used. This
determination helps the auditor ensure that the proper
defense mechanisms are in place to protect critical data.
Which principle of the Parkerian hexad is the auditor
addressing?
A Possession
B Integrity
C Authenticity
D Utility - Answer-D
Which web attack is possible due to a lack of input
validation?
A Extraneous files
B Clickjacking
C SQL injection
D Cross-site request forgery - Answer-C
,3|Page
Which file action implements the principle of confidentiality
from the CIA triad?
A Compression
B Hash
C Backup
D Encryption - Answer-D
Which cyber defense concept suggests limiting
permissions to only what is necessary to perform a
particular task?
A Authentication
B Authorization
C Defense in depth
D Principle of least privilege - Answer-D
A company institutes a new policy that "All office computer
monitors must face toward employees and must face
away from doorways. The monitor screens must not be
visible to people visiting the office."
, 4|Page
Which principle of the CIA triad is this company applying?
A Availability
B Confidentiality
C Utility
D Integrity - Answer-B
Which cybersecurity term is defined as the potential for an
attack on a resource?
A Impact
B Vulnerability
C Risk
D Threat - Answer-D
Which security type deliberately exposes a system's
vulnerabilities or resources to an attacker?
A Intrusion detection
B Firewalls
C Honeypots
D Intrusion prevention - Answer-C
