WGU D430 Fundamentals of
Information Security
questions and answers
Define the confidentiality in the CIA triad. - answer
Our ability to protect data from those who are not
authorized to view it.
Examples of confidentiality - answer A patron using
an ATM card wants to keep their PIN number
confidential.
An ATM owner wants to keep bank account
numbers confidential.
How can confidentiality be broken? - answer Losing
a laptop
An attacker gets access to info
A person can look over your shoulder
Define integrity in the CIA triad. - answer The
ability to prevent people from changing your data
and the ability to reverse unwanted changes.
,How do you control integrity? - answer Permissions
restrict what users can do (read, write, etc.)
Examples of integrity - answer Data used by a
doctor to make medical decisions needs to be
correct or the patient can die.
Define the availability in the CIA triad. - answer
Our data needs to be accessible when we need it.
How can availability be broken? - answer Loss of
power, application problems. If caused by an
attacker, this is a Denial of Service attack.
Define information security. - answer The
protection of information and information systems
from unauthorized access, use, disclosure,
disruption, modification, or destruction in order to
provide confidentiality, integrity, and availability.
Define the Parkerian Hexad and its principles. -
answer The Parkerian Hexad includes
confidentiality, integrity, and availability from the
CIA triad. It also includes possession (or control),
authenticity, and utility.
, Authenticity - answer Whether the data in question
comes from who or where it says it comes from
(i.e. did this person actually send this email?)
Confidentiality is affected by what type of attack? -
answer Interception (eaves dropping)
Integrity is affected by what type of attacks? -
answer Interruption (assets are unusable),
modification (tampering with an asset), fabrication
(generating false data)
Authenticity is affected by what type of attacks? -
answer Interruption (assets are unusable),
modification (tampering with an asset), fabrication
(generating false data)
Utility - answer How useful the data is to you (can
be a spectrum, not just yes or no)
Possession - answer Do you physically have the
data in question? Used to describe the scope of a
loss
Identify the four types of attacks - answer
interception, interruption, modification, and
fabrication
Information Security
questions and answers
Define the confidentiality in the CIA triad. - answer
Our ability to protect data from those who are not
authorized to view it.
Examples of confidentiality - answer A patron using
an ATM card wants to keep their PIN number
confidential.
An ATM owner wants to keep bank account
numbers confidential.
How can confidentiality be broken? - answer Losing
a laptop
An attacker gets access to info
A person can look over your shoulder
Define integrity in the CIA triad. - answer The
ability to prevent people from changing your data
and the ability to reverse unwanted changes.
,How do you control integrity? - answer Permissions
restrict what users can do (read, write, etc.)
Examples of integrity - answer Data used by a
doctor to make medical decisions needs to be
correct or the patient can die.
Define the availability in the CIA triad. - answer
Our data needs to be accessible when we need it.
How can availability be broken? - answer Loss of
power, application problems. If caused by an
attacker, this is a Denial of Service attack.
Define information security. - answer The
protection of information and information systems
from unauthorized access, use, disclosure,
disruption, modification, or destruction in order to
provide confidentiality, integrity, and availability.
Define the Parkerian Hexad and its principles. -
answer The Parkerian Hexad includes
confidentiality, integrity, and availability from the
CIA triad. It also includes possession (or control),
authenticity, and utility.
, Authenticity - answer Whether the data in question
comes from who or where it says it comes from
(i.e. did this person actually send this email?)
Confidentiality is affected by what type of attack? -
answer Interception (eaves dropping)
Integrity is affected by what type of attacks? -
answer Interruption (assets are unusable),
modification (tampering with an asset), fabrication
(generating false data)
Authenticity is affected by what type of attacks? -
answer Interruption (assets are unusable),
modification (tampering with an asset), fabrication
(generating false data)
Utility - answer How useful the data is to you (can
be a spectrum, not just yes or no)
Possession - answer Do you physically have the
data in question? Used to describe the scope of a
loss
Identify the four types of attacks - answer
interception, interruption, modification, and
fabrication
