WGU C836 COMPREHENSIVE FINAL ACTUAL EXAM PREP 2026 ALL QUESTIONS AND CORRECT DETAILED ANSWERS ALREADY A GRADED WITH EXPERT FEEDBACK | NEW AND REVISED
The biometric characteristic that measures how well a factor resists change over
time and with advancing age is called __________.
A. Collectability
B. Acceptability
C. Universality
D. Uniqueness
E. Permanence - ANSWER- E. Permanence
What type of authentication can prevent a man-in-the-middle attack?
A. Multifactor
B. Mutual
C. Something you know
D. Something you are
E. Something you do - ANSWER- B. Mutual
An authentication mechanism in which both parties authenticate each other -
ANSWER- Mutual authentication
Describes the ease with which a system can be tricked by a falsified biometric
identifier - ANSWER- Circumvention
A user who creates a network share and sets permissions on that share is
employing which model of access control?
A. Mandatory access control
B. Discretionary access control
C. Attribute-based access control
D. Role-based access control - ANSWER- Discretionary access control
What type of access control can prevent the confused deputy problem?
A. ACLs
B. A password policy
C. Capability-based security
D. A locked door - ANSWER- Capability-based security
Confidential Services Inc. is a military-support branch consisting of 1,400
computers with Internet access and 250 servers. All employees are required to have
security clearances. From the options listed below, what access control model
would be most appropriate for this organization?
A. Discretionary access control
B. Role-based access control
C. Attribute-based access control
D. Mandatory access control - ANSWER- D. Mandatory access control
A VPN connection that is set to time out after 24 hours is demonstrating which
model of access control?
A. Mandatory access control
B. Role-based access control
C. Attribute-based access control
D. Discretionary access control - ANSWER- Attribute-based access control
Lesson: Authorization and Access Control
Objective: More Advanced
States that we should allow only the bare minimum access required in order for a
given party (person, user account, or process) to perform a needed functionality -
ANSWER- Principle of least privilege
Typically built for a specific resource, these contain the identifiers of the party
allowed to access the resource and what the party is allowed to do. - ANSWER-
Access control lists (ACLs)
In this method of security, a person's capabilities are oriented around the use of a
token that controls their access (e.g. a personal badge) - ANSWER-
Capability-based security
A type of attack that is more common in systems that use ACLs rather than
capabilities - ANSWER- The confused deputy problem
A type of attack that misuses the authority of the browser on the user's computer -
ANSWER- Cross-site request forgery (CSRF)
Access is determined by the owner of the resource in question - ANSWER-
Discretionary access control (DAC)
Similar to MAC in that access controls are set by an authority responsible for
doing so, rather than by the owner of the resource. In this model, access is based on
the role the individual is performing - ANSWER- Role-based access control
(RBAC)
Access is based on attributes (of a person, a resource, or an environment) -
ANSWER- Attribute-based access control
Designed to prevent conflicts of interest; commonly used in industries that handle
sensitive data. Three main resource classes are considered in this model: objects,
company groups, and conflict classes. - ANSWER- The Brewer and Nash model
A combination of DAC and MAC, primarily concerned with the confidentiality of
the resource. Two security properties define how information can flow to and from
the resource: the simple security property and the * property. - ANSWER- The
Bell-LaPadula model
Primarily concerned with protecting the integrity of data, even at the expense of
confidentiality. Two security rules: the simple integrity axiom and the * integrity
axiom. - ANSWER- The Biba model