Exam (elaborations)
WGU C725 Study Guide – Complete With Correct Answers
- Course
- Institution
WGU C725 Study Guide – Complete With Correct Answers
[Show more]
Content preview
WGU C725 Study Guide – Complete With CorrectAnswers
Confidentiality Right Ans - Referred to as Least privileged -users should be
given only enough privilege to perform their duties, and no more. ensure that
no unauthorized access to information is permitted and that accidental
disclosure of sensitive information is not possible.
Integrity Right Ans - Keep data pure and trustworthy by protecting system
data from intentional or accidental changes.
Prevent unauthorized users from making modifications to data or programs
Prevent authorized users from making improper or unauthorized
modifications
Maintain internal and external consistency of data and programs
Availability Right Ans - Keep data and resources available for authorized
use, especially during emergencies or disasters.
Defense in Depth Right Ans - Implemented in overlapping layers that
provide the three elements needed to secure assets: prevention, detection,
and response
Makes sure that no one mechanism is responsible for the security of the entire
system
Verification Right Ans - Process of confirming that one or more
predetermined requirements or specifications are met
Validation Right Ans - Determines the correctness or quality of the
mechanisms used to meet the needs
Functional Right Ans - What a system should do
Assurance Right Ans - How functional requirements should be
implemented
,Functional and Assurance Right Ans - Does the system do the right things
(behave as promised)?
Does the system do the right things in the right way?
Security through obscurity Right Ans - Hiding the details of the security
mechanisms is sufficient to secure the system alone - NOT TRUE
Risk assessment and Risk analysis Right Ans - Concerned with placing an
economic value on assets to best determine appropriate countermeasures
that protect them from losses.
Degree of risk Right Ans - What is the consequence of a loss?
What is the likelihood that this loss will occur?
Vulnerability Right Ans - Known problem within a system or program
Exploit Right Ans - Program or "cook-book" on how to take advantage of a
specific vulnerability.
Risk Right Ans - Probability that a threat to an information system will
materialize
Three types of security controls Right Ans - People, process, and
technology - Preventative, Detective and Responsive
Seperation of Duties Right Ans - No one person in an organization should
have the ability to control or close down a security activity.
Processes controls Right Ans - Ensure that different people can perform
the same operations exactly in the same way each time. They are documented
as procedures on how to carry out an activity related to security.
Makes sure that a single person cannot gain complete control over a system.
Information Security Governance and Risk Management Right Ans - Which
(ISC)2 domain emphasizes the importance of a comprehensive security plan
, that includes security policies and procedures for protecting data and how it
is administered.
A compilation and distillation of all security information collected
internationally of relevance to information security professionals.
Security Architecture and Design Right Ans - Which (ISC)2 domain
discusses concepts, principles, structures, and standards used to design,
implement, monitor, and secure operating systems, equipment, networks,
applications, and other controls to enforce various levels of confidentiality,
integrity, and availability.
8 domains Right Ans - How many domains are contained within the CBK?
Information Security Governance and Risk Management Right Ans - These
are included in which domain?
Documented policies, standards, procedures, and guidelines
Management of risk to corporate assets
Legal Regulations, investigations, and Compliance Right Ans - This domain
covers the different targets of computer crimes, bodies of law, and the
different types of laws and regulations as they apply to computer security.
Physical (Environmental) Security Right Ans - Topics covered in this
domain include securing the physical site using policies and procedures
coupled with the appropriate alarm and intrusion detection systems,
monitoring systems, and so forth.
Operations Security Right Ans - This domain covers the kind of operational
procedures and tools that eliminate or reduce the capability to exploit critical
information. It includes defining the controls over media, hardware, and
operators with special systems privileges.
Access Control Right Ans - Which domain covers who may access the
system, and what they can do after they are signed on?
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller Zendaya. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $24.99. You're not tied to anything after your purchase.
Can Stuvia be trusted?
4.6 stars on Google & Trustpilot (+1000 reviews)
81989 documents were sold in the last 30 days
Founded in 2010, the go-to place to buy study notes for 14 years now