WGU D430 fundamentals of
information security
exam(246 questions and
answers)
Information security - answer protecting data,
software, and hardware secure against
unauthorized access, use, disclosure, disruption,
modification, or destruction.
Compliance - answer The requirements that are set
forth by laws and industry regulations.
IE: HIPPA/ HITECH- healthcare, PCI/DSS- payment
card industry, FISMA- federal government agencies
DAD Triad - answer Disclosure, alteration, and
denial
CIA Triad - answer The core model of all
information security concepts. Confidential,
integrity and availability
,Confidential - answer Ability to protect our data
from those who are not authorized to view it.
What ways can confidentiality be compromised? -
answer - lose a personal laptop with data
- Person can view your password you are entering
in
- Send an email attachment to the wrong person.
- Attacker can penetrate your systems....etc.
integrity - answer Keeping data unaltered by
accidental or malicious intent
How to maintain integrity? - answer Prevent
unauthorized changes to the data and the ability to
reverse unwanted authorized changes.
Via system/file permissions or Undo/Roll back
undesirable changes.
Availability - answer The ability to access data
when needed
Ways Availability can be compromised - answer -
Power loss
,- Application issues
- Network attacks
- System compromised (DoS)
Denial of Service (DoS) - answer Security problem
in which users are not able to access an
information system; can be caused by human
errors, natural disaster, or malicious activity.
Parkerian hexad model - answer A model that adds
three more principles to the CIA triad:
Possession/Control
Utility
Authenticity
Possession/ control - answer Refers to the physical
disposition of the media on which the data is
stored; This allows you to discuss loss of data via
its physical medium.
Principle of Possession example - answer Lost
package (encrypted USB's and unencrypted USB's)
, possession is an issue because the tapes are
physically lost.
(Unencrypted is compromised via confidentiality
and possession; encrypted is compromised only via
possession).
Principle of Authenticity - answer Allows you to say
whether you've attributed the data in question to
the proper owner/creator.
Ways authenticity can be compromised - answer
Sending an email but altering the message to look
like it came from someone else, than the original
one that was sent.
Utility - answer How useful the data is to you.
Ex. Unencrypted (a lot of utility) Encrypted (little
utility).
Security Attacks - answer Broken down from the
type of attack, risk the attack represents, and
controls you might use to mitigate it.
Types of attacks - answer 1- interception
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller BRAINBOOSTERS. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $14.99. You're not tied to anything after your purchase.