C836 CHAPTER 1-6 WGU, With Complete Verified Solution. 2024.
7 views 0 purchase
Course
WGU C836
Institution
WGU C836
C836 CHAPTER 1-6 WGU, With Complete Verified Solution. 2024.
FISMA (Federal Information Security Modernization Act)
this law provides a framework for ensuring the effectiveness of information security controls in federal government
- changed from Management (2002) to Modernization in 2014
HIP...
C836 CHAPTER 1-6 WGU, With Complete Verified
Solution. 2024.
FISMA (Federal Information Security Modernization Act)
this law provides a framework for ensuring the effectiveness of information security
controls in federal government
- changed from Management (2002) to Modernization in 2014
HIPAA (Health Insurance Portability and Accountability Act)
this law improves the efficiency and effectiveness of the health care system and
protects patient privacy
FERPA (Family Educational Rights and Privacy Act)
this law protects the privacy of students and their parents
SOX (Sarbanes-Oxley Act)
this law regulates the financial practice and governance of corporations
GLBA (Gramm-Leach-Bliley Act)
this law protects the customers of financial institutions
compliance
relating to an organization's adherence to laws, regulations, and standards
regulatory compliance
Regulations mandated by law usually requiring regular audits and assessments
industry compliance
Regulations or standards designed for specific industries that may impact ability to
conduct business (e.g. PCI DSS)
privacy
the state or condition of being free from being observed or disturbed by other people
The Federal Privacy Act of 1974
This act safeguards privacy through the establishment of procedural and substantive
rights in personal data
privacy rights
Rights relating to the protection of an individual's personal information
PII (Personally Identifiable Information)
Information that can be used to identify an individual, and should be protected as
sensitive data and monitored for compliance
cryptography
the science of keeping information secure
Cryptanalysis
The science of breaking through the encryption used to create ciphertext
cryptology
The overarching field of study that covers cryptography and cryptanalysis
cryptographic algorithm (cipher)
The specifics of the process used to encrypt plaintext or decrypt ciphertext
plaintext (cleartext)
unencrypted data
ciphertext
encrypted data
, Caesar cipher
an ancient cryptographic technique based on transposition; involves shifting each letter
of a plaintext message by a certain number of letters (historically 3)
ROT13 cipher
a more recent cipher that uses the same mechanism as the Caesar cipher but moves
each letter 13 places forward
symmetric key cryptography (private key cryptography)
uses a single key for both encryption of the plaintext and decryption of the ciphertext
block cipher
A type of cipher that takes a predetermined number of bits in the plaintext message
(commonly 64 bits) and encrypts that block
stream cipher
A type of cipher that encrypts each bit in the plaintext message, 1 bit at a time
AES (Advanced Encryption Standard)
A set of symmetric block ciphers endorsed by the US government through NIST. Shares
the same block modes that DES uses and also includes other modes such as XEX-
based Tweaked CodeBook (TCB) mode
asymmetric key cryptography (public key cryptography)
this method uses 2 keys, a public key and a private key
SSL (secure sockets layer)
a protocol that uses the RSA algorithm (an asymmetric algorithm) to secure web and
email traffic
hash function (message digest)
keyless cryptography that creates a largely unique and fixed-length hash value based
on the original mesage
hash
used to determine whether the message has changed;
provides integrity (but not confidentiality)
digital signature
a method of securing a message that involves generating a hash and encrypting it using
a private key
certificate
created to link a public key to a particular individual;
used as a form of electronic identification for that person
CA (certificate authority)
a trusted entity that handles digital certificates
PKI (public key infrastructure)
infrastructure that includes the CAs that issue and verify certificates and the RAs that
verify the identity of the individuals associated with the certificates
RA (registration authority)
An authority in a PKI that verifies the identity of the individual associated with the
certificate
CRL (Certificate Revocation List)
a public list that holds all the revoked certifications for a certain period of time
data at rest
Data that is on a storage device of some kind and is not moving
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller ACADEMICAIDSTORE. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $11.99. You're not tied to anything after your purchase.