WGU C845 Information Systems Security 2026, Exams of Computer Security

AAA, Triple A - correct answer -Referred to as the AAA of access control: authentication, authorization, and accounting algorithm - correct answer -A mathematical function cryptographic algorithm that encrypts or decrypts text authentication - correct answer -Method used to verify the identity claim of a user authorization - correct answer -The act of defining the network resources, applications, and data that may be accessed by a user availability - correct answer -One of the central principles of the AIC triad. A core goal of a security professional is to ensure that data and hardware are available when the user requires them

Typology: Exams

2025/2026

Available from 02/01/2026

loftus-kiara
loftus-kiara šŸ‡ŗšŸ‡ø

3.4

(5)

913 documents

1 / 18

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
WGU C845 Information Systems
Security
AAA, Triple A - correct answer -Referred to as the AAA of access control: authentication, authorization,
and accounting
algorithm - correct answer -A mathematical function cryptographic algorithm that encrypts or decrypts
text
authentication - correct answer -Method used to verify the identity claim of a user
authorization - correct answer -The act of defining the network resources, applications, and data that
may be accessed by a user
availability - correct answer -One of the central principles of the AIC triad. A core goal of a security
professional is to ensure that data and hardware are available when the user requires them
confidentiality - correct answer -One of the central principles of the AIC triad; represents a core goal of
the security professional to ensure, possibly through encryption, that sensitive information is protected
from exposure
due care - correct answer -The taking of actions that a reasonable and prudent person would take in a
given situation
due diligence - correct answer -Refers to taking actions that prevent harm to persons or their property
identification - correct answer -A unique designation assigned to a member of a group. A claim
presented when desiring access
pf3
pf4
pf5
pf8
pf9
pfa
pfd
pfe
pff
pf12

Partial preview of the text

Download WGU C845 Information Systems Security 2026 and more Exams Computer Security in PDF only on Docsity!

WGU C845 Information Systems

Security

AAA, Triple A - correct answer -Referred to as the AAA of access control: authentication, authorization,and accounting

algorithm - correct answer -A mathematical function cryptographic algorithm that encrypts or decryptstext

authentication - correct answer -Method used to verify the identity claim of a user authorization - correct answer -The act of defining the network resources, applications, and data thatmay be accessed by a user

availability - correct answer -One of the central principles of the AIC triad. A core goal of a securityprofessional is to ensure that data and hardware are available when the user requires them

confidentiality - correct answer -One of the central principles of the AIC triad; represents a core goal ofthe security professional to ensure, possibly through encryption, that sensitive information is protected from exposure due care - correct answer -The taking of actions that a reasonable and prudent person would take in agiven situation

due diligence - correct answer -Refers to taking actions that prevent harm to persons or their property identification - correct answer -A unique designation assigned to a member of a group. A claimpresented when desiring access

integrity - correct answer -One of the central principles of the AIC triad; represents a core goal of asecurity professional, to ensure that no changes have occurred to data or a system, thus ensuring the data's integrity job rotation - correct answer -The act of shifting individuals between roles and responsibilities toprohibit security violations

least privilege - correct answer -Security principle that individuals are provided with the least amount ofinformation required to perform their jobs or duties

mandatory vacation - correct answer -A security control that allows the monitoring of businessfunctions without the availability of a principal or responsible individual

separation of duties - correct answer -A security program in which two or more people are required toindependently perform activities to complete an action

user ID - correct answer -An assigned identification. Every user of the system should have a unique userID. Its use must still be authenticated

certification - correct answer -The successful conclusion after a system or application has been testedagainst preestablished standards

vulnerability assessment - correct answer -The organized set of steps used to identify and analysethreats and vulnerabilities to determine an organization's overall risk

access control list (ACL) - correct answer -A list of subjects and assigned rights used in access control. administrative controls - correct answer -Controls put in place to enforce policies and directives asdictated by the organization

biometrics - correct answer -Hardware or software used to measure human characteristics as part of anauthentication system

multifactor authentication - correct answer -A type of authentication in which more than oneauthentication technique is used to verify the authenticity of a user's identity. Multifactor authentication must feature at least two of the following: something you know, something you are, orsomething you have

object - correct answer -Any resource such as database, application, or device that is accessed by asubject. While object is passive and is acted upon by a subject, the subject is referred to as active

penetration test - correct answer -An authorized negative test of a system, network, or application toidentify vulnerabilities

role-based access control - correct answer -Grouping similar individuals based upon their roles andallowing them authorization to the same system resources

rule-based access control - correct answer -A control that determines access based on preset rules suchas locking out of the system during the weekend, password lockout after a determined number of attempts were made, or system lockout after a predetermined period of inactivity single-factor authentication - correct answer -An authentication method in which only one means ofauthentication is required, such as a password. Single-factor authentication would require one of the following: something you know, something you are, or something you have something you are - correct answer -An authentication factor based on biometric testing to determinethat a physical attribute matches an attribute on file

something you have - correct answer -An authentication factor based upon the possession of an itemsuch as a token device, key card, smart card, or hardware device

something you know - correct answer -An authentication factor based upon the knowledge ofinformation such as a password, PIN code, or access word

somewhere you are - correct answer -An authentication factor based upon geographic location such asa GPS coordinate or an unidentified network or system.

accreditation - correct answer -Formal acceptance by management that a system or application hasbeen certified and may be placed into operation.

baseline - correct answer -An established standard of activity. Normal or expected measurement ofactivity against which other activity is measured.

breach - correct answer -An attack in which data is released to the public. business impact analysis (BIA) - correct answer -Identification and prioritization of various threats andthe possibility of harm they may do to the business functions.

change control - correct answer -A methodology and formalized structure of presenting, analyzing,authorizing, and recording changes to systems and applications.

input validation - correct answer -Actions taken to control or verify the data input into a system. To testinput data against an established baseline.

mobile code - correct answer -Computer instructions, applications, or information that transfersautomatically between devices without user intervention or sometimes knowledge.

recovery controls - correct answer -Controls put in place to return the environment to the way it wasprior to an incident.

recovery point objective (RPO) - correct answer -The established point at which an application ordepartment must be back online and operating after an incident.

recovery time objective (RTO) - correct answer -How quickly data must be reinstalled or copied from abackup location so that an application can be restored and begin processing.

risk appetite - correct answer -The amount of risk an organization is willing to accept; an arbitrarymeasure of the aggressive or passive risk posture of an organization.

incident - correct answer -An event with the potential of doing harm. log file - correct answer -A record of events occurring on a device, in an application, or on the network. physical controls - correct answer -Controls put in place to mitigate the risk of unauthorized entry to,theft of, or harm to people or assets.

residual risk - correct answer -Any risk remaining after a primary risk treatment has been applied. Forinstance, an insurance deductible is residual risk after the primary treatment of risk assignment is made to the insurance company. risk - correct answer -A probability of loss expressed as a percentage; the probability that a threat willexploit a weakness or vulnerability and the result will be harmful.

risk acceptance - correct answer -A business decision whereby through analysis, it has been determinedthat either the probability of loss or an attack is so minimal that the organization will bear the costs should it happen. The act of ignoring a risk or being uninformed of the existence of a risk constitutes riskacceptance by default.

risk management - correct answer -An organized program that identifies, analyses and evaluates, anddetermines mitigation strategies for dealing with risk situations.

risk mitigation - correct answer -Mitigation includes any actions taken to reduce the likelihood that athreat can happen and/or that a vulnerability exists for the threat to exploit. Mitigation is the reduction of either a threat or a vulnerability that thereby reduces risk. single loss expectancy (SLE) - correct answer -The dollar amount of loss expected during a single attack.A single loss expectancy is the result of multiplying the asset value AV by the exposure factor EF.

alert - correct answer -A message triggered by an event. Alerts may take the form of email, textmessages, computer screen banners, flashing lights, and other methods of drawing attention to an issue.

business continuity plan (BCP) - correct answer -A plan established by a policy that details actions to betaken to maintain business operations after a disaster event.

chain of custody - correct answer -The process of methodically tracking and documenting the handlingof evidence from the moment it is collected to the moment it is returned to the owner.

clipping level - correct answer -An arbitrary level of activity on a network system or on a network devicethat serves as a demarcation or threshold that once reached causes the triggering of some action. The clipping level is established above a baseline of activity. The clipping level serves to reduce the noise andto reduce the detection of false positives or to reduce the number of log entries.

cold site - correct answer -A physical alternate data processing location containing no equipment,applications, or data. A cold site may have basic services such as HVAC and electricity.

control - correct answer -Any action, method, or device that reduces the likelihood of a threatexploiting a vulnerability. A control may mitigate a threat or a vulnerability.

corrective controls - correct answer -Controls put in place to immediately halt an activity fromcontinuing.

countermeasure - correct answer -Any action, method, or device that reduces the likelihood of a threatexploiting a vulnerability. A countermeasure may mitigate a specifically identified threat or a certain vulnerability. A countermeasure is usually a type of control put in place as the result of a risk analysis. differential backup - correct answer -A data backup strategy in which periodic (such as daily)transactions are appended to a file consisting of all transactions since the last full backup. Differential backups are relatively fast to restore since only one backup file must be appended to the last full backupin order to restore data.

directive controls - correct answer -Controls put in place to enforce the policies of the organization.Directive controls are usually warnings.

preventative controls - correct answer -Controls put in place to reduce the opportunity for a threat toexploit a vulnerability.

3DES, Triple DES - correct answer -A symmetric encryption algorithm that uses either two (key 1 andkey 3are the same) or three keys and improves upon the Data Encryption Standard algorithm.

Advanced Encryption Standard (AES) - correct answer -A symmetric block algorithm selected by NIST tobe used as a standard by the U.S. government.

asymmetric algorithm - correct answer -The cryptographic algorithm that requires two separate keys;one is secret and the other public.

asymmetric encryption - correct answer -The process of using two keys, a public key and a private key,to encrypt and decrypt messages.

certificate authority (CA) - correct answer -A trusted entity that issues an X.509 certificate, whichincludes the certificate owner's public key. Through a trust structure, the certificate is trusted as authentic as well as affirming or binding the key to the owner. ciphertext - correct answer -An encrypted version of plaintext. compliance - correct answer -Accordance with the rules, regulations, or edicts of a body such as afederal or state organization or as required by a contractual relationship.

cryptanalysis - correct answer -The exercising of techniques and methodology used to defeat anencryption algorithm, break a password, or decrypt a message.

data in transit - correct answer -Any data in movement on a network or telecommunications system. Diffie-Hellman key exchange - correct answer -A method of key exchange by which two partiesnumerically derive a common secret key based upon each party having a secret and each party exchanging a public number.

digital certificate - correct answer -Electronic document based on the X.509 certificate format standard.A digital certificate is issued by a trusted certificate authority and contains a public key. The purpose of a digital certificate is to irrefutably bind the public key with the identity of the public key owner. digital signature - correct answer -A method of signing a message by encrypting a hash value of themessage with a private key, thus providing irrefutable proof that the sender sent the message and guaranteeing message integrity. hash function - correct answer -A one-way function that produces a message digest or hash value basedon an input message.

initialization vector (IV) - correct answer -A non-secret set of random numbers used to increase securityby enhancing the cryptographic key.

Key encrypting key - correct answer -A symmetric key that is shared between the two users. Thesymmetric key is used to encrypt a session key for exchange between the two users prior to each communication session. The session key is discarded at the end of each session, requiring anew sessionkey to be exchanged. The technique is sometimes referred to as key-wrapping.

Key escrow - correct answer -A location where duplicate keys are stored and may be accessed in theevent a primary key is lost or corrupted.

key space - correct answer -The total number of possible cryptographic keys that may be producedbased upon the overall key length in bits. For instance, if a key is 56 bits in length, the total number of possible keys would be 256. In cryptography, generally the longer the key length, the more effective thecryptographic algorithm, and therefore the more secure the resulting cryptotext.

message digest - correct answer -The output of a hashing algorithm that is always an established lengthbased on the output specifications of the hashing algorithm. Hashing algorithms produce a message digest or hash value of an established length regardless of the length of the original message. The termsmessage digest and hash value are synonymous.

nonrepudiation - correct answer -The concept that a sender cannot deny that they sent a message.

voice over IP (VoIP) - correct answer -The relaying of packets containing digitized voice over a networkand Internet connection.

work factor - correct answer -The time and effort required to break an encrypted message, determinean encryption key, or break a password.

bandwidth - correct answer -The speed at which information may be transferred across media. bastion host - correct answer -A server positioned between a trusted and untrusted network that ishardened and expected to be attacked.

bus topology - correct answer -A network topology design in which all nodes are connected to a singlecentral wire.

CSMA - correct answer -Carrier sense multiple access. Carrier sense means that a device can listen to allcommunications when connected to the network wire. Multiple access means that any member of the network can communicate at any time. CSMA/CA - correct answer -Carrier sense multiple access with collision avoidance. With collisionavoidance the node wishing to transmit broadcasts a jamming tone announcing that it will be transmitting. This prevents other nodes from transmitting at the same time. CSMA/CD - correct answer -Carrier sense multiple access with collision detection. A media controlmethod that features transmission collision detection when two nodes transmit at exactly the same time. In the event of a communication collision, both nodes set an arbitrary timer, and the first timer toexpire transmits first.

data disclosure - correct answer -A breach or release of data due to an attack in which sensitive data isdisclosed to the public.

demilitarized zone - correct answer -A subnetwork created between two firewalls exposed to anuntrusted network. Applications that may be accessed by the public are placed on hardened servers within the demilitarized zone.

Ethernet - correct answer -A local area network telecommunications standard defined by IEEE 802.3. event - correct answer -Any action on a network. federated access - correct answer -A single sign-on technology allowing a user access to networksusually owned and maintained by third parties.

firewall - correct answer -The device that enforces access rules based on filtering traffic. intrusion detection system (IDS) - correct answer -Hardware or software that detects a situation andtakes a predetermined action such as alerting an operator or beginning a log recording. Intrusion detection is a passive operation. An intrusion detection system location in the network may bedetermined by placing an "H" for host and an "N" for network preceding the letters IDS.

intrusion prevention system (IPS) - correct answer -Hardware or software that detects a situation andtakes defensive preprogrammed actions such as dropping packets, shutting down communication channels, and blocking ports. Intrusion prevention is an active operation. An intrusion detection systemlocation in the network may be determined by placing an "H" for host and an "N" for network preceding the letters IPS. MAC address - correct answer -A globally unique 48-bit number consisting of a manufacturer'sidentification number as well as a unique device number.

OSI reference model - correct answer -The seven-layer telecommunications model based on a dataencapsulation principle.

promiscuous mode - correct answer -A setting on a network interface card that allows it to accept allnetwork traffic. Used in network monitoring, sniffers, and detection systems.

regression analysis - correct answer -The testing of an application against a previously establishedbaseline after the addition of a change or patch to determine if anything else changed.

buffer overflow - correct answer -Data that is larger than the area in which it's placed can handle,resulting in an error condition.

cloud computing - correct answer -A computing model that offers on-demand virtualized services.Cloud computing is a metered pay-per-use service model.

cluster - correct answer -A group of similar devices that share attributes. Clusters may be used for loadbalancing or spreading tasks or storage information among various devices. Servers as well as storage devices may be clustered. community cloud - correct answer -The cloud model in which similar entities or groups of users access asemi-private cloud environment that has been established for their particular purpose.

covert channel - correct answer -A communication channel hidden from normal monitoring practices. data leak prevention - correct answer -Hardware and software technologies that identify data at rest orin transit through sophisticated search mechanisms. For instance, DLP can be set to watch for ZIP codes, phone numbers, Social Security numbers, and patient record numbers and terminate thecommunication if such information is being exfiltrated.

data remanence - correct answer -The remaining physical representation of data on a magnetic deviceafter an erasure procedure.

data warehouse - correct answer -A large data store used for research, data storage, or archivalpurposes.

elasticity - correct answer -The ability for resources to be expanded or contracted based on requiredutilization. Most often used to describe the cloud.

hardening - correct answer -The act of reducing the attack surface of a hardware or software item,usually by eliminating vulnerabilities.

hybrid cloud - correct answer -The combination of more than one cloud model. hypervisor - correct answer -Specialized software that is used to provide a virtual environment wherevirtual machines exist. The hypervisor allocates and controls host hardware resources for the virtual environment. A Type 1 hypervisor, also referred to as a bare-metal hypervisor, directly interacts with thehost machine hardware infrastructure. A Type 2 hypervisor only interacts with the operating system of the host machine. injection attack - correct answer -The insertion of code or script into a vulnerable application by way ofa form field or other input area.

malware - correct answer -Malicious software used in an attack against a network or host system. multitenancy - correct answer -Most often describes multiple virtual machines residing on one host. Incloud hosting, the virtual machines may not be owned or controlled by the same organization. Multitenancy can also refer to several users accessing a single instance of an application or virtualdevice.

private cloud - correct answer -A cloud model where only one organization has access. public cloud - correct answer -A cloud that is open to the general public; anyone can rent space and useservices.

root kit - correct answer -Malware and attacks in the root or core of an operating system. The malwaretakes on the identity of legitimate operational components to circumvent detection mechanisms. A root kit establishes itself during a booting sequence, thus avoiding standard antimalware scanning. sandbox - correct answer -An isolated server, subnet, or virtual machine that allows an application to betested in an environment that is totally separate from any other part of a network.

screen scraper - correct answer -A program that has the ability to extract data displayed on a screen oroutput device.