100% satisfaction guarantee Immediately available after payment Both online and in PDF No strings attached
logo-home
WGU D430 OBJECTIVE ASSESSMENT 2024 Fundamentals of Information Security(Q & A) VERIFIED 100% GRADED A+ $10.39   Add to cart

Exam (elaborations)

WGU D430 OBJECTIVE ASSESSMENT 2024 Fundamentals of Information Security(Q & A) VERIFIED 100% GRADED A+

 4 views  0 purchase
  • Course
  • Institution

WGU D430 OBJECTIVE ASSESSMENT 2024 Fundamentals of Information Security(Q & A) VERIFIED 100% GRADED A+

Preview 3 out of 17  pages

  • February 17, 2024
  • 17
  • 2023/2024
  • Exam (elaborations)
  • Questions & answers
avatar-seller
WGU D430 OBJECTIVE ASSESSMENT 2024
FUNDAMENTALS OF INFORMATION SECURITY(Q & A)
VERIFIED 100% GRADED A+
Information security - (correct answer)Keeping data, software, and hardware secure
against unauthorized access, use, disclosure, disruption, modification, or destruction.

Compliance - (correct answer)The requirements that are set forth by laws and industry
regulations. Example : HIPPA/ HITECH- healthcare, PCI/DSS- payment card industry,
FISMA- federal government agencies

CIA - (correct answer)The core model of all information security. Confidential, integrity
and availability

Confidential - (correct answer)Allowing only those authorized to access the data
requested

integrity - (correct answer)Keeping data unaltered by accidental or malicious intent

Availability - (correct answer)The ability to access data when needed

Parkerian hexad model - (correct answer)Confidentiality , integrity, availability,
possession/control, authenticity, utility

Possession/ control - (correct answer)Refers to the physical disposition of the media
on which the data is stored

authenticity - (correct answer)Allows us to talk about the proper attribution as to the
owner or creator of the data in question

Utility - (correct answer)How useful the data is to us

Types of attacks - (correct answer)1- interception
2- interruption
3- modification
4- fabrication

Interception - (correct answer)Attacks allows unauthorized users to access our data,
applications, or environments. Are primarily an attack against confidentiality

Interruption - (correct answer)Attacks cause our assets to become unstable or
unavailable for our use, on a temporary or permanent basis. This attack affects
availability but can also attack integrity

Modification - (correct answer)Attacks involve tampering with our asset. Such attacks
might primarily be considered an integrity attack, but could also be an availability attack.

,Fabrication - (correct answer)Attacks involve generating data, processes,
communications, or other similar activities with a system. Attacks primarily affect
integrity but can be considered an availability attack.

Risk - (correct answer)The likelihood that a threat will occur. There must be a threat
and vulnerability

Threat - (correct answer)Any event being man-made, natural or environmental that
could damage the assets

Vulnerabilities - (correct answer)Weakness that a threat event or the threat can take
advantage of

Impact - (correct answer)taking into account the assets cost

Controls - (correct answer)The ways we protect assets. Physical, technical/ logical,
and administrative

Physical controls - (correct answer)Controls are physical items that protect assets.
Think of locks, doors, guards and fences

Technical/ logical controls - (correct answer)Controls are devices and software that
protect assets. Think of firewalls, av, ids, and ips

Administrative controls - (correct answer)Controls are the policies that organizations
create for governance. Ex: email policies

risk mamagement - (correct answer)A constant process as assets are purchased,
used and retired. The general steps are 1- identify assets
2- identify threats
3- assess vulnerabilities
4- assess risk
5- mitigating risks

Identify assets - (correct answer)First and most important part or risk management.
Identifying and categorizing the assets we are protecting

Identify threats - (correct answer)Once we have our critical assets we can identify the
threats that might effect them

Assess Vulnerabilities - (correct answer)Look at potential threats. any given asset
may have thousand or millions of threats that could impact it, but only a small fraction of
the threats will be relevant

, Assess risks - (correct answer)Once we have identified the threats and vulnerabilities
for a given asset we can access the overall risk

Mitigating risks - (correct answer)Putting measures in place to help ensure that a
given type of threat is accounted for

Incident response - (correct answer)Response to when risk management practices
have failed and have cause an inconvenience to a disastrous event

Incident response cycle - (correct answer)1 preparation
2- detection and analysis
3- containment
4- eradication
5- recovery
6- post incident activity

Preparation phase - (correct answer)The preparation phase consists of all of the
activities that we can preform in advance of the incident itself in order to better enable
us to handle it

Detection and analysis phase - (correct answer)Where the action begins to happen.
We will detect the occurrence of an issue and decide whether or not it is actually an
incident so that we can respond

Containment phase - (correct answer)Taking steps to ensure that the situation does
not cause any more damage than it already has, or to at least lessen any ongoing harm.

Eradication phase - (correct answer)We will attempt to remove the effects of the issue
from our environment

Recovery phase - (correct answer)Recover to a better state that we were prior to the
incident or perhaps prior to when the issue started if we did not detect it immediately

Post incident activity phase - (correct answer)We attempt to determine specifically
what happened, why it happened, and what we can do to keep it from happening again.

Defense in depth - (correct answer)Layering of security controls is more effective and
secure than relying on a single control

Identity - (correct answer)Who or what we claim to be ( username)

Authentication - (correct answer)The act of proving who or what we claim to be
(password)

Identity verification - (correct answer)The half step between identity and authentication
(showing two forms of Id)

The benefits of buying summaries with Stuvia:

Guaranteed quality through customer reviews

Guaranteed quality through customer reviews

Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.

Quick and easy check-out

Quick and easy check-out

You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.

Focus on what matters

Focus on what matters

Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!

Frequently asked questions

What do I get when I buy this document?

You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.

Satisfaction guarantee: how does it work?

Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.

Who am I buying these notes from?

Stuvia is a marketplace, so you are not buying this document from us, but from seller MEGAMINDS. Stuvia facilitates payment to the seller.

Will I be stuck with a subscription?

No, you only buy these notes for $10.39. You're not tied to anything after your purchase.

Can Stuvia be trusted?

4.6 stars on Google & Trustpilot (+1000 reviews)

75759 documents were sold in the last 30 days

Founded in 2010, the go-to place to buy study notes for 14 years now

Start selling
$10.39
  • (0)
  Add to cart