Exam (elaborations)

Cybersecurity Management I - Strategic – WGU C727. Exam Review, Graded A+

Pages
25
Grade
A+
Uploaded on
23-08-2023
Written in
2023/2024

CIA Triad

Confidentiality: Authorized users only. Ex.: Un/PW (minimum level of secrecy); uses encryption. Classify properly to protect confidentiality.
Integrity: Prevent changes. Ex.: editing a database (reliability of info).
Availability: Equipment available for use. Ex.: reboots, server failures (redundancy, fault tolerance).

Five key functions: identify, protect, detect, respond, and recover.

1. The identify function is where you develop an understanding of what your risks are, what your assets are, and what your capabilities are.
2. Protect is your set of plans and actions that put in place the right controls (remember: controls do stuff) to protect the assets.
3. Detect is the set of plans and actions that you will use to identify, classify, etc., an attack against your assets.
4. Respond is the set of activities that you engage in response to an attack.
5. Finally, recover refers to whatever plans or protocols you have in place to bring things back to normal after an attack.

Access Controls

Access control techniques support the access control models.

A technical (logical) control is put into place to restrict access to networks and systems. Examples: system auditing (accountability), software controls, and monitoring (smart cards).

An administrative (managerial) control defines the security policy, standards, guidelines, supervisory structure, security awareness training, and SOP. Examples: rotation of duties, separation of duties, and mandatory vacations. These are policies and procedures developed by management to ensure the organization is secure (background checks).

A physical control is implemented to secure physical access to an object, such as a building, a room, or a computer.

The three access control categories provide seven different functionalities or purposes:

Preventative - A preventative control prevents security breaches and avoids risks (fences, locks, separation-of-duties policies, job rotation policies, data classification, penetration testing, antivirus software, firewalls, intrusion prevention systems, routers, encryption). Also edit forms controls and limit check (limit pay to prevent fraud).

Detective - A detective control detects security breaches as they occur (security guards, motion detectors, recording and reviewing of events captured by security cameras or CCTV, job rotation policies, mandatory vacation policies, audit trails, honeypots or honeynets, intrusion detection systems, violation reports, supervision and reviews of users, and incident investigations).

Corrective - A corrective control restores control and attempts to correct any damage that was inflicted during a security breach. Corrective controls can be simple, such as terminating malicious activity or rebooting a system. They also include antivirus solutions that can remove or quarantine a virus, backup and restore plans to ensure that lost data can be restored, and active intrusion detection systems that can modify the environment to stop an attack in progress. Business Continuity Planning is a corrective control.

Deterrent - A deterrent control deters potential violations.

Recovery - A recovery control restores resources.

Compensative (less expensive) - A compensative control provides an alternative control if another control may be too expensive (requiring two authorized signatures to release sensitive information, needing two keys to open a safety deposit box, signing in or out of a traffic log, and using a magnetic card to access an operations center).

Directive - A directive control provides mandatory controls based on regulations or environmental requirements.

Defense in Depth

A defense that uses multiple types of security devices to protect a network. Also called layered security. This security is implemented in overlapping layers that provide the three elements needed to secure assets: prevention, detection, and response. Defense in depth also seeks to offset the weaknesses of one security layer by the strengths of two or more layers.

Governance strategy responsibility

Board of directors - Strategy definition
Executive team - Strategy implementation
Operations team - Strategy execution

Control Objectives for Information and Related Technology (COBIT)

COBIT is a security framework that acts as a model for IT governance and focuses more on operational goals. COBIT is an initiative from the Information Systems Audit and Control Association (ISACA) and is preferred among IT auditors.

COBIT 5 is based on five key principles for governance and management of enterprise IT:

Principle 1: Meeting Stakeholder Needs
Principle 2: Covering the Enterprise End-to-End
Principle 3: Applying a Single, Integrated Framework

Contains
Questions & answers
Get to know the seller
PassPoint02 Chamberlain School Of Nursing