WGU C836 Fundamentals of Information Security
Study online at https://quizlet.com/_b6cp3v

1. Define the confidentiality, integrity, availability *(CIA) triad*.
   the core model of all of information security

2. Differentiate *confidentiality*, *integrity*, and *availability*.
   *Confidentiality* is allowing only those *authorized to access* the data requested.
   *Integrity* is keeping *data unaltered* by accidental or malicious intent.
   *Availability* is the ability to *access* data when needed.

3. Define *information security*.
   keeping data, software, and hardware secure against unauthorized access, use, disclosure, disruption, modification, or destruction

4. Assets should always be protected by value to the organization in this order:
   Most important: people, data
   Least important: hardware/software

5. Define the *Parkerian Hexad* and its principles.
   CIA triad plus:
   *Possession/Control*: the *physical disposition* of the media on which the data is stored.
   *Authenticity*: allows us to talk about the proper *attribution as to the owner or creator* of the data in question.
   *Utility*: how *useful* the data is to us.

6. Identify the *four types of attacks*.
   *Interception*: allow *unauthorized users to access* our data, applications, or environments.
   *Interruption*: cause our assets to become *unusable or unavailable* for our use, on a temporary or permanent basis.
   *Modification*: involve *tampering* with our asset.
   *Fabrication*: involve *generating data, processes, communications*, or other similar activities with a system.

7. Compare *threats*, *vulnerabilities*, *risk*, and *impact*.
   *Risk*: the *likelihood* that an event will occur. To have risk there must be a threat and vulnerability.
   *Threats*: any *events* being man-made, natural or environmental that could cause damage to assets.
   *Vulnerabilities*: a *weakness* that a threat event or the threat agent can take advantage of.
   *Impact*: an additional step that is taking into account the *asset's cost*.

8. Define the *risk management process* and its stages.
   Identify assets
   Identify threats
   Assess vulnerabilities
   Assess risks
   Mitigating risks

9. Define the *incident response process*.
   the 6 step response cycle when *risk management practices have failed* and have caused an inconvenience to a disastrous event.

10. Define the *incident response process* stages.
   Preparation
   Detection and analysis
   Containment
   Eradication
   Recovery
   Post incident activity (postmortem)
   (*P*ole *DA*ncing *C*ats *E*yeballed *R*abid *P*orcupines)

11. Define *defense in depth*.
   *layering multiple controls* on top of one another.
   (Example: Using the 3 control types in multiple overlapping protections. Locks on hardware server cabinets, multilayers of authentication and policies that control visitors in the building.)

12. Define *compliance*, including *regulatory* and *industry* compliance.
   requirements that are set forth by *laws and industry regulations* (HIPAA/HITECH, PCI-DSS, FISMA)

13. Identify types of *controls* to mitigate risk.
   *Physical*: physical items that protect assets; think locks, doors, guards, and fences.
   *Technical/Logical*: devices and software that protect assets; think firewalls, AV, IDS, and IPS.
   *Administrative*: policies that organizations create for governance, for example acceptable use and email use policies.

14. Identify the layers of a *defense-in-depth* strategy.
   Data
   Application
   Host
   Internal Network
   External Network
   (Network Perimeter)

15. Identify the defensive measures in the *external network* layer of the *defense-in-depth* strategy.
   DMZ
   VPN
   Logging
   Auditing
   Penetration testing
   Vulnerability analysis

16. Identify the defensive measures in the *network perimeter* layer of the *defense-in-depth* strategy.
   Firewalls
   Proxy
   Logging
   Stateful packet inspection
   Auditing
   Penetration testing
   Vulnerability analysis

17. Identify the defensive measures in the *internal network* layer of the
   IDS
   IPS
   Logging
   Auditing