1/85
, WGUGD430G FUNDAMENTALSG OFGINFORMATIONG
SECURITYGFINALGEXAMGANDG PRACTICEG EXAMG2
024/ACTUALGEXAMSG WITHG 500G QUESTIONSGAND
CORRECTGDETAILEDGANSWERS/A+G GRADEGW
GUGD430GFINALGEXAM
AccessG ControlG ListG –
CORRECTGANSWER:G infoG aboutG whatG kindG ofG accessG certainpartiesG ar
eGallowedGtoGhaveGtoGaGgivenGsystem
ReadG,G writeG,Gexecute
AccessG ControlG ModelsG –
CORRECTGANSWER:G DiscretionaryG (G DACG )MandatoryG (G MAC
G )GRuleG-Gbased
RoleG -GbasedG(GRBACG)
AttributeG-G basedG(GABACG)
AccountabilityG –
CORRECTGANSWER:
RefersG toG makingG sureG thatGaG personG isresponsibleG forG theirG actionsG .
-ItG providesG usGwithGtheG meansG toG traceG activitiesG inG ourG environmentG backG toG their
source
-
DependsG onGidentificationG ,G authenticationG ,G andG accessG controlG beingG pres
entG soGthatG wecanGknowGwhoGaGgivenGtransactionGisGassociatedG withG,GandG
what
permissionsG wereG usedG toG allowG themG toG carryG itG outG.
2/85
,AcessG ControlG –
CORRECTGANSWER:G AllowingG -
G letsG usG giveG aG particularG partyG accesstoG aG givenGsource
DenyingG -G oppositeG ofG gainingG access
LimitingG-GallowingG someGaccessG toGourGresourceG ,G onlyGupGtoG aG certainGpoint
RevokingG -G takesG accessG awayG fromG formerG user
AESG–
CORRECTGANSWER:GusesGthreeGdifferentGciphersG:GoneGwithGaG128G-
GbitGkeyG,GoneG withGaG192G-GbitGkeyG,GandGoneG withGaG256G-
GbitGkeyG,GallGhavingGaGblockGlengthGofG128G bits
AsymmetricG cryptographyG –
CORRECTGANSWER:G aG publicG keyG andG aG privateG keyG .GThepublicG keyGis
G usedG toGencryptG dataG sentG fromG theG senderG toG theG receiverG andG isG shared
G withG everyoneG .GPrivateG keysG areG usedG toG decryptG dataG thatGarrivesG atG th
eGreceivingG endG andG areGveryGcarefullyGguardedGbyGtheGreceiveG (GakaGtheG
publicGkeyGcryptographyG)
AsymmetricG KeyGAlgorithmsG –
CORRECTGANSWER:
SecureG SocketsG LayerG (G RSAG)EllipticG CurveG CryptographyG (G
ECCG )GPrettyGGoodGPrivacyG(GPGPG)
TransportGLayerGSecurity
G(GTLSG)
AttackGTypesG–
3/85
, CORRECTGANSWER:G InterceptionInterruptionGModificati
on
Fabrication
AttackGtypesG andG theirG effectG –
CORRECTGANSWER:GInterceptionGisGtheGONLYGattackG thatGaffectsGonGc
onfidentiality.G Interruption,G modification,G andGfabricationG affectsG integrityan
dGavailabilityGbecauseGmostGofGtheGtimeGthey'reGimpactingGdata.
AttributeG-G basedG (GABACG )
-
G CORRECTGANSWER:G basedG onG attributesG ,G suchG asG ofG apersonG ,G resou
rceG ,G orGanGenvironment
AuditingG –
CORRECTGANSWER:G theG examinationG andG reviewG ofG anG organization'sGr
ecordsGtoG ensureGaccountabilityGthroughGtechnicalGmeansG.
AuthenticationG –
CORRECTGANSWER:G verifyingG thatG aG personG isG whoG theyG claimG toG be
AuthorizationG –
CORRECTGANSWER:G whatG theG userG canGaccessG ,GmodifyG,G andG delete
AvailabilityG –
CORRECTGANSWER:G ForG one'sGAUTHORIZEDG toGACCESSG dataG whenneeded
4/85
, WGUGD430G FUNDAMENTALSG OFGINFORMATIONG
SECURITYGFINALGEXAMGANDG PRACTICEG EXAMG2
024/ACTUALGEXAMSG WITHG 500G QUESTIONSGAND
CORRECTGDETAILEDGANSWERS/A+G GRADEGW
GUGD430GFINALGEXAM
AccessG ControlG ListG –
CORRECTGANSWER:G infoG aboutG whatG kindG ofG accessG certainpartiesG ar
eGallowedGtoGhaveGtoGaGgivenGsystem
ReadG,G writeG,Gexecute
AccessG ControlG ModelsG –
CORRECTGANSWER:G DiscretionaryG (G DACG )MandatoryG (G MAC
G )GRuleG-Gbased
RoleG -GbasedG(GRBACG)
AttributeG-G basedG(GABACG)
AccountabilityG –
CORRECTGANSWER:
RefersG toG makingG sureG thatGaG personG isresponsibleG forG theirG actionsG .
-ItG providesG usGwithGtheG meansG toG traceG activitiesG inG ourG environmentG backG toG their
source
-
DependsG onGidentificationG ,G authenticationG ,G andG accessG controlG beingG pres
entG soGthatG wecanGknowGwhoGaGgivenGtransactionGisGassociatedG withG,GandG
what
permissionsG wereG usedG toG allowG themG toG carryG itG outG.
2/85
,AcessG ControlG –
CORRECTGANSWER:G AllowingG -
G letsG usG giveG aG particularG partyG accesstoG aG givenGsource
DenyingG -G oppositeG ofG gainingG access
LimitingG-GallowingG someGaccessG toGourGresourceG ,G onlyGupGtoG aG certainGpoint
RevokingG -G takesG accessG awayG fromG formerG user
AESG–
CORRECTGANSWER:GusesGthreeGdifferentGciphersG:GoneGwithGaG128G-
GbitGkeyG,GoneG withGaG192G-GbitGkeyG,GandGoneG withGaG256G-
GbitGkeyG,GallGhavingGaGblockGlengthGofG128G bits
AsymmetricG cryptographyG –
CORRECTGANSWER:G aG publicG keyG andG aG privateG keyG .GThepublicG keyGis
G usedG toGencryptG dataG sentG fromG theG senderG toG theG receiverG andG isG shared
G withG everyoneG .GPrivateG keysG areG usedG toG decryptG dataG thatGarrivesG atG th
eGreceivingG endG andG areGveryGcarefullyGguardedGbyGtheGreceiveG (GakaGtheG
publicGkeyGcryptographyG)
AsymmetricG KeyGAlgorithmsG –
CORRECTGANSWER:
SecureG SocketsG LayerG (G RSAG)EllipticG CurveG CryptographyG (G
ECCG )GPrettyGGoodGPrivacyG(GPGPG)
TransportGLayerGSecurity
G(GTLSG)
AttackGTypesG–
3/85
, CORRECTGANSWER:G InterceptionInterruptionGModificati
on
Fabrication
AttackGtypesG andG theirG effectG –
CORRECTGANSWER:GInterceptionGisGtheGONLYGattackG thatGaffectsGonGc
onfidentiality.G Interruption,G modification,G andGfabricationG affectsG integrityan
dGavailabilityGbecauseGmostGofGtheGtimeGthey'reGimpactingGdata.
AttributeG-G basedG (GABACG )
-
G CORRECTGANSWER:G basedG onG attributesG ,G suchG asG ofG apersonG ,G resou
rceG ,G orGanGenvironment
AuditingG –
CORRECTGANSWER:G theG examinationG andG reviewG ofG anG organization'sGr
ecordsGtoG ensureGaccountabilityGthroughGtechnicalGmeansG.
AuthenticationG –
CORRECTGANSWER:G verifyingG thatG aG personG isG whoG theyG claimG toG be
AuthorizationG –
CORRECTGANSWER:G whatG theG userG canGaccessG ,GmodifyG,G andG delete
AvailabilityG –
CORRECTGANSWER:G ForG one'sGAUTHORIZEDG toGACCESSG dataG whenneeded
4/85
