- Study guides, Class notes & Summaries

WGU D430 Fundamentals of Information Security Questions and Answers AES - Answer AES is the standard encryption algorithm used by the US Federal government. Asymmetric Key Cryptography - Answer Encryption that uses two separate keys- a public key and a private key. Advantage is that you can post the public key and anyone can send you an encrypted message. Auditing - Answer Hold users of your system accountable. A methodical examination and review of an organization's records. Authentic...

What are valid SQL Commands SELECT, DELETE, GRANT, UPDATE, INSERT What are applications that use UDP NFS, TFTP, SNMP What is a method to ensure the entire transaction (db) is executed to ensure integrity Two-phase commit What is the order of volatility in collecting evidence 1. Memory 2. Network Process 3. System Process 4. Hard Drives 5. Backup Tapes 6. DVDs What is the best choice to ensure certain messages from the web are transmitted securely S-HTTP What is used to secure...

Information Security Management Communicates risks accepted by the organization due to the currently implemented security controls, and it continually works to cost effectively enhance the controls to minimize the risk to the companies information assets, Threat Exploiting a vulnerability Threat agent. What actually exploits a threat. Risk Probability of a vulnerability being exploited by a threat, resulting in business impact. Relationships Associating vulnerabilities to thr...

3 Recognized Authentication Factors What you: Have, Know, Are 3 types of subjects and their roles in a security environment The user access objects on a system to perform a work task, the owner is liable for protection of data, the data custodian is assigned to classify and protect data 4 Key principles upon which access control relies Identification, Authentication, Authorization, Accountability (IAAA) 5 Networking device types other than firewalls Routers, switches, hubs, repeaters, b...

Which security principle ensures that information is protected from being modified by unauthorized individuals? Integrity The head of the security department at your organization is warning employees to be suspicious of e-mails that they receive claiming to be from the bank. They warn that the e-mail will typically require you to provide account information to resolve an issue with your account. Which type of attack is being discussed? Phishing What can be used for synthetic performance mo...

CISSP Official ISC2 practice tests (All domains)

CISSP Practice Test 1 250.

CISSP Exam

CISSP - Practice.

Official (ISC)² CISSP (All Domains).