100% satisfaction guarantee Immediately available after payment Both online and in PDF No strings attached
logo-home
Previously searched by you
Previously searched by you
logo
WGU D340 WITH 100- SURE ANSWERS $9.49   Add to cart
Quickly navigate to
Preview
  2.  
  3. RAFFE
  4.  
  5. RAFFE

Exam (elaborations)

WGU D340 WITH 100- SURE ANSWERS
 0 view  0 purchase
  • Course
  • RAFFE
  • Institution
  • RAFFE

WGU D340 WITH 100- SURE ANSWERS

Preview 2 out of 5  pages

Document information

  • October 5, 2024
  • 5
  • 2024/2025
  • Exam (elaborations)
  • Questions & answers

Subjects

  • wgu d340 with 100 sure answers

Written for

  • RAFFE
  • RAFFE

Seller

avatar-seller
mbitheeunice2015

Content preview

10/5/24, 7:14 AM




EUNICE




WGU D340 WITH 100% SURE ANSWERS

Terms in this set (128)


Confidentiality WHO can access the data

Integrity keeping data UNALTERED

Availability for ones AUTHORIZED to ACCESS data when needed

Confidential allowing only those authorized to access the data requested

Integrity keeping data unaltered in an unauthorized manner and reliable

Availability the ability for those authorized to access data when needed

CIA Triad Confidentiality, Integrity, Availability

Parkerian Hexad Confidentiality, Availability, Integrity, Possession, Authenticity, Utility

Possession physical deposition of the media on which the data is stored

allows us to talk about the proper attribution as to the owner or creator of the data in
Authenticity
question

Utility how useful the data is to us

Interception an attacker has access to data, applications, or environment (effects confidentiality)

attacks cause our assets to become unusable or unavailable (effects integrity and
Interruption
availability)

Modification attacks involve tampering with our asset (effects integrity and availability)

Fabrication attacks that create false information (effects integrity and avaliblilty)

Threat something that has potential to cause harm

Vulnerability weaknesses that can be used to harm us

Authentication verifying that a person is who they claim to be

Something you know: username, password, PIN

Something you have: ID badge, swipe card, OTP

Something you are: fingerprint, Iris, Retina scan




1/5

, 10/5/24, 7:14 AM
Somewhere you are: geolocation

Something you do: handwriting, typing, walking

Mutual authentication both parties in a transaction to authenticate each other

-Has digital certificates


-Prevents man in the middle attacks

Mutual authentication
-The man in the middle is where the attacker inserts themselves into the traffic flow


-Ex. Both the PC and server authenticate each other before data is sent in either
direction

1. Identify Asset
2. Identify Threats
Risk management process 3. Assess Vulnerabilities
4. Assess Risk
5. Mitigate Risk

Identify Asset identifying and categorizing assets that we're protecting

Identify Threats identify threats

Assess Vulnerabilities look for impacts

Mitigate Risk ensure that a given type of threat is accounted for

1. Preparation
2. Detection and Analysis (Identification)
3. Containment
Incident response process
4. Eradication
5. Recovery
6. Post-incident activity

the activities that we can perform, in advance of the incident itself, in order to better
Preparation
enable us to handle it.

detect the occurrence of an issue and decide whether or not it is actually an
Detection and Analysis (Identification)
incident, so that we can respond appropriately to it.

involves taking steps to ensure that the situation does not cause any more damage
Containment
than it already has, or to at least lessen any ongoing harm.

Eradication attempt to remove the effects of the issue from our environment.

restoring devices or data to pre-incident state (rebuilding systems, reloading
Recovery
applications, backup media, etc.)

determine specifically what happened, why it happened, and what we can do to
Post-incident activity
keep it from happening again. (postmortem).

Authorization what the user can access, modify, and delete

Least Privilege giving the bare minimum level of access it needs to perform its job/functionality

info about what kind of access certain parties are allowed to have to a given system.
Access Control List
- Read, write, execute

Allowing
Denying
Acess Control
Limiting
Revoking

Allowing lets us give a particular party access to a given source



2/5

The benefits of buying summaries with Stuvia:

Guaranteed quality through customer reviews

Guaranteed quality through customer reviews

Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.

Quick and easy check-out

Quick and easy check-out

You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.

Focus on what matters

Focus on what matters

Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!

Frequently asked questions

What do I get when I buy this document?

You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.

Satisfaction guarantee: how does it work?

Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.

Who am I buying these notes from?

Stuvia is a marketplace, so you are not buying this document from us, but from seller mbitheeunice2015. Stuvia facilitates payment to the seller.

Will I be stuck with a subscription?

No, you only buy these notes for $9.49. You're not tied to anything after your purchase.

Can Stuvia be trusted?

4.6 stars on Google & Trustpilot (+1000 reviews)

81503 documents were sold in the last 30 days

Founded in 2010, the go-to place to buy study notes for 14 years now

Start selling
$9.49
  • (0)
  Add to cart