Controls that protect the systems, networks, and environments that process, transmit, and store our data are called _______.
Logical Controls
During what phase of the incident response process do we determine what happened, why it happened, and what we can do to keep it from happening again?
Post-Incident Activity
Something that has the potential to cause harm to our assets is known as a(n) ________.
Threat
What is the first and arguably one of the most important steps of the risk management process?
Identify assess
The Fabrication attack type most commonly affects which principle(s) of the CIA triad?
Integrity and Availability
The Interception attack type most commonly affects which principle(s) of the CIA triad?
Confidentiality
A badge or token is considered what type of authentication?
Something you have
A password or PIN is considered what type of authentication?
Something you know
The set of methods we use to establish a claim of identity as being true is called ______.
Authentication
A fingerprint is considered what type of authentication?
Something you are
What type of authentication can prevent a man-in-the-middle attack?
Mutual
The biometric characteristic that measures how well a factor resists change over time and with advancing age is called __________.
Permanence
What dictates that we should only allow the bare minimum of access, as needed?
Principle of least privilege
Access controls are policies or procedures used to control access to certain items.
True
What is implemented through the use of access controls?
Authorization
Which answer best describes the authorization component of access control?
Authorization is the process of determining who is approved for access and what resources they are approved for.
A client-side attack that involves the attacker placing an invisible layer over something on a website that the user would normally click on, in order to execute a command differing from what the user thinks they are performing, is known as ___________.
Clickjacking
What type of access control can prevent the confused deputy problem?
Capability-based security
A user who creates a network share and sets permissions on that share is employing which model of access control?
Discretionary access control
A VPN connection that is set to time out after 24 hours is demonstrating which model of access control?
Attribute-based access control
Confidential Services Inc. is a military-support branch consisting of 1,400 computers with Internet access and 250 servers. All employees are required to have security clearances. From the options listed below, what access control model would be most appropriate for this organization?
Mandatory access control
What is information security?
Protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction.
Using the concept of defense in depth we can protect ourselves against someone using a USB flash drive to remove confidential data from an office space within our building.
True
Select the example(s) of identity verification. (Choose all that apply.)
SSN
Passport
Birth certificate
Multifactor authentication is the use of more than one authentication method to access an information system.
True
Which password below would meet complexity standards?
!Q@S#z6ge7Uks1lw3
What is accountability comprised of?
Authorization
Authentication
Identification
Access
What document do courts require for admissibility of records?
Chain of custody
An employee is charged with fraud, and the company can prove in court that there are email transactions showing that the employee completed these using a digital signature. What term is being described?
Nonrepudiation
What is auditing?
The primary means to ensure accountability through technical means
What are the two common forms of assessments performed on networks? (Choose all that apply.)
Penetration test
Vulnerability assessment
_______ provides us with the means to trace activities in our environment back to their source.
Accountability
Nessus is an example of a(n) _______________ tool.
Vulnerability scanning
A surveillance video log contains a record, including the exact date and time, of an individual gaining access to his company's office building after hours. He denies that he was there during that time, but the existence of the video log proves otherwise. What benefit of accountability does this example demonstrate?
Non repudiation
What process ensures compliance with applicable laws, policies, and other bodies of administrative control, and detects misuse?
Auditing
Your organization's network was recently the target of an attack. Fortunately, the new system you installed took action and refused traffic from the source before you even had a chance to respond. What system did you install?
An intrusion prevention system
The act of scrambling plain text into ciphertext is known as ________.
encryption
A strong hash function is designed so that a message cannot be forged that will result in the same hash as a legitimate message.
True
An encryption cipher that uses the same key to encrypt and decrypt is called a/an ______.
asymmetric key
Hashes provide confidentiality and integrity.
False
An algorithm used for cryptographic purposes is known as a _______.
cipher
__________ corroborates the identity of an entity, whether it is the sender, the sender's computer, some device, or some information.
Authentication
The science of breaking through encryption is known as _____.
Cryptanalysis
Hashes provide _______, but not _______.
Integrity, confidentiality
Shovels and Shingles is a small construction company consisting of 12 computers that have Internet access. The company is concerned that a wily, computer-savvy competitor will send e-mail messages pretending to be from Shovels and Shingles to its customers, in an attempt to gather customer information. What encryption solution best prevents a competitor from successfully impersonating the company?
Digital signatures
Backordered Parts is a defense contractor that builds communications parts for the military. The employees use mostly Web-based applications for parts design and information sharing. Due to the sensitive nature of the business, Backordered Parts would like to implement a solution that secures all browser connections to the Web servers. What encryption solution best meets this company's needs?
Elliptic Curve Cryptography (ECC)
We are somewhat limited in our ability to protect which type of data?
Data in use
A cybersecurity professional must be proficient with all current laws, both state and federal, that may apply to the organization he or she works with.
False
FISMA refers to ____.
Federal Information Security Management Act of 2002 and Federal Information Security Modernization Act of 2014
Which statement below is true about a company operating in the United States today?
International computing laws must be considered if any customer resides outside the U.S.
PII is personally identifiable information. This data must always _____.
be monitored for compliance
______ ensures the protection of information, operations, and assets in federal government.
FISMA
______ protects the privacy of students and their parents.
FERPA
______ sets limits on the use and disclosure of patient information and grants individuals rights over their own health records.
HIPAA
______ regulates the financial practice and governance of corporations.
SOX
______ protects the customers of financial institutions.
GLBA
Some standards are not mandated by law but are managed and enforced by the industry, often via a council or committee. Which of the options below is an example of this industry compliance?
PCI DSS
A formal methodology of operations security is _____.
OPENSEC
Risk can be higher when ___________ services are used for computing operations.
cloud computing
During what phase of the operations security process do we match threats and vulnerabilities?
Assessment of risks
Haas' second law of operations security, "If you don't know what to protect, how do you know you are protecting it?," maps to what step in the operations security process?
Identification of critical information
The process of intelligence gathering and analysis to support business decisions is known as _______.
Competitive intelligence
The study that was conducted to discover the cause of the information leak during the Vietnam War was codenamed ________ and is now considered a symbol of OPSEC.
Purple Dragon
You are leaving for an extended vacation and want to take steps to protect your home. You set a timer to turn lights and the TV on and off at various times throughout the day, suspend the mail delivery, and arrange for a neighbor to come in and water the plants. What step in the operations security process do these actions demonstrate?
Application of countermeasures
Choose all the answers that improve training efforts towards achieving a user's authentic change of behaviors and better security habits.
Communicate security awareness in varied and repeated ways.
Implement gamification techniques in the required CBT course.
Which of the options below is an example of an effective Security Awareness, Training, and Education (SATE) strategy?
A daily "security check" question that, if answered correctly, enters the user into a giveaway
Which social engineering technique involves impersonating someone else to convince the target to perform some action that they wouldn't normally do for a stranger?
Pretexting
You swipe your key card to gain access to a secure area of the building. As you pass through the door, you notice someone right behind you. You don't recall that he was walking behind you a moment ago, nor do you see a key card in his hand. What social engineering technique is demonstrated in this example?
Tailgating
Your IT department has implemented a comprehensive defense in depth strategy to protect your company resources. The buildings are protected by key card swipes and video surveillance, logins and passwords are required for access to any digital resource, and your network and workstation equipment is properly configured, patched, and protected. Policies are in place to recover from any major security risk. What single entity can invalidate all of these efforts?
A person
Which of the following is not a best practice for password security?
Teaching users how to manually sync passwords between systems
Security guards and guard dogs are a part of which type(s) of physical security controls?
Preventive
Deterrent
Detective
Which storage media is least sensitive to temperature, humidity, magnetic fields, and impacts?
Flash media
Deterrent, detective, and preventive security controls, when used in isolation, are not a complete solution. To have a stronger, more complete solution, we need to use _____.
defense in depth
Your company has an office full of expensive computer equipment to protect. You recommend a variety of approaches, including a security guard stationed at the entrance, a high fence around the property, and key card entry to all nonpublic areas. What security concept are you recommending to protect your company's assets?
Defense in depth
What planning process ensures that critical business functions can continue to operate during an emergency?
Business continuity planning
You work for a small company that has just upgraded its data servers. The new servers are up and running, and normal operations have resumed. The company plans to sell its old equipment. What is your primary concern before they auction off the old hardware?
Residual data
What planning process ensures that we can respond appropriately during and after a disaster?
Disaster recovery planning
Which of the options below demonstrates all three types of physical security controls: deterrent, detective, and preventive?
A guard dog
A way to keep our network traffic content from being logged by our ISP is _____.
VPN
The toolset a corporation might use to centrally manage all cellular phones provided to its employees is _____.
MDM
Tcpdump
This command-line packet sniffing tool runs on Linux and UNIX operating systems.
Kismet
A tool used to detect unauthorized wireless access points
Hping3
A tool used to test the security of firewalls.
Nmap
A versatile tool able to scan ports, search for hosts on the network, and other operations.
Wireshark
A graphical interface protocol analyzer capable of filtering, sorting, and analyzing both wired and wireless network traffic
_____________ is a sniffer that specializes in detecting wireless devices.
Kismet
A firewall that can watch packets and monitor the traffic from a given connection is using what kind of firewall technology?
Stateful packet inspection
A tool that deliberately displays vulnerabilities in an attempt to bait attackers is called _____________.
a honeypot
A specialized type of firewall that provides security and performance features, functions as a choke point, allows for logging traffic for later inspection, and serves as a single source of requests for the devices behind it is known as a(n) ____________.
Proxy server
_____________ is a popular, fully-featured sniffer capable of intercepting traffic from a wide variety of wired and wireless sources.
Wireshark
Executable space protection is a software technology implemented by operating systems to stop attacks using the same techniques used in malware.
False
This type of host-based software may communicate with the management device by sending regular beacons.
HIDS
Vulnerability Assessment Tools
Nessus
Scanner
Nmap
Exploit Framework
Metasploit
CANVAS
The total of the available avenues through which our operating system might be attacked is called a(n) ________.
Attack surface
Which tool is a well-known vulnerability assessment tool that also includes a port scanner?
Nessus
Which well-known tool is a scanner with a large and broad set of functionality?
Nmap
What security strategy best protects an operating system from buffer overflow attacks?
Implement executable space protection
Small bits of software that take advantage of flaws in other software or applications to cause them to behave in ways that were not intended by their creators are called _____.
Exploits