WGU D430 OBJECTIVE ASSESSMENT 2024
FUNDAMENTALS OF INFORMATION SECURITY (Q & A)
VERIFIED 100% GRADED A+
Information security - (correct answer)Keeping data, software, and hardware secure
against unauthorized access, use, disclosure, disruption, modification, or destruction.
Compliance - (correct answer)The requirements that are set forth by laws and industry
regulations. Example: HIPAA/HITECH - healthcare, PCI/DSS - payment card industry,
FISMA - federal government agencies
CIA - (correct answer)The core model of all information security. Confidentiality, integrity
and availability
Confidential - (correct answer)Allowing only those authorized to access the data
requested
Integrity - (correct answer)Keeping data unaltered by accidental or malicious intent
Availability - (correct answer)The ability to access data when needed
Interception - (correct answer)Attacks that allow unauthorized users to access our data,
applications, or environments. They are primarily attacks against confidentiality
Interruption - (correct answer)Attacks cause our assets to become unstable or
unavailable for our use, on a temporary or permanent basis. This attack affects
availability but can also attack integrity
Modification - (correct answer)Attacks involve tampering with our asset. Such attacks
might primarily be considered an integrity attack, but could also be an availability attack.
Fabrication - (correct answer)Attacks involve generating data, processes,
communications, or other similar activities with a system. Attacks primarily affect
integrity but can be considered an availability attack.
Risk - (correct answer)The likelihood that a threat will occur. There must be a threat
and vulnerability
Threat - (correct answer)Any event being man-made, natural or environmental that
could damage the assets
Vulnerabilities - (correct answer)Weakness that a threat event or the threat can take
advantage of
Impact - (correct answer)Taking into account the asset's cost
Controls - (correct answer)The ways we protect assets. Physical, technical/ logical,
and administrative
Physical controls - (correct answer)Controls are physical items that protect assets.
Think of locks, doors, guards and fences
Technical/ logical controls - (correct answer)Controls are devices and software that
protect assets. Think of firewalls, AV, IDS, and IPS
Administrative controls - (correct answer)Controls are the policies that organizations
create for governance. Ex: email policies
Risk management - (correct answer)A constant process as assets are purchased,
used and retired. The general steps are:
1- identify assets
2- identify threats
3- assess vulnerabilities
4- assess risk
5- mitigating risks
Identify assets - (correct answer)First and most important part of risk management.
Identifying and categorizing the assets we are protecting
Identify threats - (correct answer)Once we have our critical assets we can identify the
threats that might affect them
Assess vulnerabilities - (correct answer)Look at potential threats. Any given asset
may have thousands or millions of threats that could impact it, but only a small fraction of
the threats will be relevant
Assess risks - (correct answer)Once we have identified the threats and vulnerabilities
for a given asset we can assess the overall risk
Mitigating risks - (correct answer)Putting measures in place to help ensure that a
given type of threat is accounted for
Incident response - (correct answer)Response to when risk management practices
have failed and have caused anything from an inconvenience to a disastrous event
Preparation phase - (correct answer)The preparation phase consists of all of the
activities that we can perform in advance of the incident itself in order to better enable
us to handle it
Detection and analysis phase - (correct answer)Where the action begins to happen.
We will detect the occurrence of an issue and decide whether or not it is actually an
incident so that we can respond
Containment phase - (correct answer)Taking steps to ensure that the situation does
not cause any more damage than it already has, or to at least lessen any ongoing harm.
Eradication phase - (correct answer)We will attempt to remove the effects of the issue
from our environment
Recovery phase - (correct answer)Recover to a better state that we were in prior to the
incident or perhaps prior to when the issue started if we did not detect it immediately
Post incident activity phase - (correct answer)We attempt to determine specifically
what happened, why it happened, and what we can do to keep it from happening again.
Defense in depth - (correct answer)Layering of security controls is more effective and
secure than relying on a single control
Identity - (correct answer)Who or what we claim to be (username)
Authentication - (correct answer)The act of proving who or what we claim to be
(password)
Identity verification - (correct answer)The half step between identity and authentication
(showing two forms of ID)