WGU C836 Pre- Assessment Fundamentals of Information Security Exam Version 2| Questions and Verified Answers| 2023/ 2024 Update
Q: An organization employs a VPN to safeguard its information. Which security principle is
protected by a VPN?
Answer:
Data in motion
Q: A malicious hacker was successful in a denial of service (DoS) attack against an institution’s
mail server. Fortunately, no data was lost or altered while the server was offline. Which type of
attack is this?
Answer:
Interruption
Q: A company has had several successful denial of service (DoS) attacks on its email server.
Which security principle is being attacked?
Answer:
Availability
Q: Which file action implements the principle of confidentiality from the CIA triad?
Answer:
Encryption
WGU C836 Pre- Assessment Fundamentals
of Information Security Exam Version 2|
Questions and Verified Answers| 2023/ 2024
Update
Q: A company’s IT policy manual states that “All company computers, workstations,
application servers, and mobile devices must have current versions of antivirus software.” Which
principle or concept of cybersecurity does this policy statement impact?
Answer:
Operating system security
Q: A company’s website policy states that “To gain access to the corporate website, each
employee must provide a valid user name and password, and then answer one of six security
questions accurately.”Which type of security does the policy address?
Answer:
Operations
Q: A company wants to update its access control policy. The company wants to prevent hourly
employees from logging in to company computers after business hours. Which type of access
control policy should be implemented?
Answer:
Attribute-based
Q: A user runs an application that has been infected with malware that is less than 24 hours old.
The malware then infects the operating system. Which safeguard should be implemented to
prevent this type of attack?
Answer:
Limit user account privileges.
Q: Which type of tool can be used to detect vulnerabilities in source code related to improper
handling of user input?
Answer:
Fuzzer
Q: Which tool should an application developer use to help identify input validation
vulnerabilities?
Answer:
A fuzzer
Q: A company has files stored on a server that are critical to the organization’s viability. The
administrator has assigned the appropriate permissions to the files. How should the administrator
provide additional confidentiality protection for the files at rest?
Answer:
File encryption
Q: An attacker performs a buffer overflow attack on an organization’s web server. The web
server locks up and must be restarted to restore functionality. Which part of the CIA triad is
under attack?
Answer:
Availability
Q: Some malware hides itself by replacing some system administrator commands on a server,
but the server continues to function normally for its users. Which component of the CIA triad has
been compromised?
Answer:
Integrity
Q: Which two principles of the CIA triad can be violated by a fabrication attack?
Powered by https://learnexams.com/search/study?query=