WGU C836 OA Study Guide Newest
2025/2026 Complete Questions and Correct
Detailed Answers Already Graded A+|Newest
Version
Risk Management Process - CORRECT ANSWER-1. Identify Asset
2. Identify Threats
3. Assess Vulnerabilities
4. Assess Risk
5. Mitigate Risk
CIA Triad - CORRECT ANSWER-Confidentiality, Integrity, Availability
,Parkerian hexad - CORRECT ANSWER-Where the CIA triad consists of
confidentiality, integrity, and availability, the Parkerian hexad consists of these
three principles, as well as possession or control, authenticity, and utility
Confidentiality - CORRECT ANSWER-Refers to our ability to protect our data
from those who are not authorized to view it.
Confidentiality can be compromised by the loss of a laptop containing data, a
person looking over our shoulder while we type a password, an e-mail attachment
being sent to the wrong person, an attacker penetrating our systems, or similar
issues.
Integrity - CORRECT ANSWER-Refers to the ability to prevent our data from
being changed in an unauthorized or undesirable manner. This could mean the
unauthorized change or deletion of our data or portions of our data, or it could
mean an authorized, but undesirable, change or deletion of our data. To maintain
integrity, we not only need to have the means to prevent unauthorized changes
to our data but also need the ability to reverse authorized changes that need to
be undone.
Availability - CORRECT ANSWER-refers to the ability to access our data when
we need it. Loss of availability can refer to a wide variety of breaks anywhere in
the chain that allows us access to our data. Such issues can result from power
,loss, operating system or application problems, network attacks, compromise of a
system, or other problems. When such issues are caused by an outside party, such
as an attacker, they are commonly referred to as a denial of service (DoS) attack.
Possession or Control - CORRECT ANSWER-Refers to the physical disposition of
the media on which the data is stored. This enables us, without involving other
factors such as availability, to discuss our loss of the data in its physical medium
An example is data store be on multiple devices and there could be numerous
versions.
Authenticity - CORRECT ANSWER-Attribution as to the owner or creator of the
data in question.
Authenticity can be enforced through the use of digital signatures.
Utility - CORRECT ANSWER-Refers to how useful the data is to us.
Interception - CORRECT ANSWER-Interception attacks allow unauthorized
users to access our data, applications, or environments and are primarily an
attack against confidentiality. Interception might take the form of unauthorized
, file viewing or copying, eavesdropping on phone conversations, or reading e-mail,
and can be conducted against data at rest or in motion. Properly executed,
interception attacks can be very difficult to detect.
Affects Confidentiality
Interruption - CORRECT ANSWER-Interruption attacks cause our assets to
become unusable or unavailable for our use, on a temporary or permanent basis.
Interruption attacks often affect availability but can be an attack on integrity as
well. In the case of a DoS attack on a mail server, we would classify this as an
availability attack.
Affects Integrity and availability
Modification - CORRECT ANSWER-Modification attacks involve tampering with
our asset. If we access a file in an unauthorized manner and alter the data it
contains, we have affected the integrity of the data contained in the file.
Fabrication - CORRECT ANSWER-Fabrication attacks involve generating data,
processes, communications, or other similar activities with a system. Fabrication
attacks primarily affect integrity but could be considered an availability attack as
2025/2026 Complete Questions and Correct
Detailed Answers Already Graded A+|Newest
Version
Risk Management Process - CORRECT ANSWER-1. Identify Asset
2. Identify Threats
3. Assess Vulnerabilities
4. Assess Risk
5. Mitigate Risk
CIA Triad - CORRECT ANSWER-Confidentiality, Integrity, Availability
,Parkerian hexad - CORRECT ANSWER-Where the CIA triad consists of
confidentiality, integrity, and availability, the Parkerian hexad consists of these
three principles, as well as possession or control, authenticity, and utility
Confidentiality - CORRECT ANSWER-Refers to our ability to protect our data
from those who are not authorized to view it.
Confidentiality can be compromised by the loss of a laptop containing data, a
person looking over our shoulder while we type a password, an e-mail attachment
being sent to the wrong person, an attacker penetrating our systems, or similar
issues.
Integrity - CORRECT ANSWER-Refers to the ability to prevent our data from
being changed in an unauthorized or undesirable manner. This could mean the
unauthorized change or deletion of our data or portions of our data, or it could
mean an authorized, but undesirable, change or deletion of our data. To maintain
integrity, we not only need to have the means to prevent unauthorized changes
to our data but also need the ability to reverse authorized changes that need to
be undone.
Availability - CORRECT ANSWER-refers to the ability to access our data when
we need it. Loss of availability can refer to a wide variety of breaks anywhere in
the chain that allows us access to our data. Such issues can result from power
,loss, operating system or application problems, network attacks, compromise of a
system, or other problems. When such issues are caused by an outside party, such
as an attacker, they are commonly referred to as a denial of service (DoS) attack.
Possession or Control - CORRECT ANSWER-Refers to the physical disposition of
the media on which the data is stored. This enables us, without involving other
factors such as availability, to discuss our loss of the data in its physical medium
An example is data store be on multiple devices and there could be numerous
versions.
Authenticity - CORRECT ANSWER-Attribution as to the owner or creator of the
data in question.
Authenticity can be enforced through the use of digital signatures.
Utility - CORRECT ANSWER-Refers to how useful the data is to us.
Interception - CORRECT ANSWER-Interception attacks allow unauthorized
users to access our data, applications, or environments and are primarily an
attack against confidentiality. Interception might take the form of unauthorized
, file viewing or copying, eavesdropping on phone conversations, or reading e-mail,
and can be conducted against data at rest or in motion. Properly executed,
interception attacks can be very difficult to detect.
Affects Confidentiality
Interruption - CORRECT ANSWER-Interruption attacks cause our assets to
become unusable or unavailable for our use, on a temporary or permanent basis.
Interruption attacks often affect availability but can be an attack on integrity as
well. In the case of a DoS attack on a mail server, we would classify this as an
availability attack.
Affects Integrity and availability
Modification - CORRECT ANSWER-Modification attacks involve tampering with
our asset. If we access a file in an unauthorized manner and alter the data it
contains, we have affected the integrity of the data contained in the file.
Fabrication - CORRECT ANSWER-Fabrication attacks involve generating data,
processes, communications, or other similar activities with a system. Fabrication
attacks primarily affect integrity but could be considered an availability attack as
