An accountant in an organization is allowed access to a company's human resources database only to adjust the number of hours that the organization's employees have worked in a fiscal year. However, the accountant modifies an employee's personal information. Which part of the STRIDE model describes this situation?
The STRIDE threat model identifies six categories: Spoofing, Tampering, Repudiation, Information disclosure, Denial of service, and Elevation of privilege. In this scenario, the accountant modified data they were not authorized to change. This is an act of Tampering, which refers to unauthorized alteration of data or systems.
Spoofing would involve impersonating another identity, denial of service would block availability, and elevation of privilege would involve gaining higher access rights. The accountant already had legitimate access but misused it to alter data outside their scope of responsibility.
Tampering compromises data integrity, one of the pillars of the CIA triad. In cloud and enterprise systems, safeguards against tampering include role-based access control, least privilege, and auditing to detect unauthorized changes. Recognizing this as tampering helps in identifying insider misuse and implementing compensating controls.