WGU D430 FUNDAMENTALS OF INFORMATION
SECURITY EXAM OBJECTIVE ASSESSMENT NEWEST
EXAM 2024 QUESTIONS AND CORRECT ANSWERS
|GRADED A+ 100% PASS!
Possession - ANSWER-Do you physically have the data in question?
Used to describe the scope of a loss
Identify the four types of attacks - ANSWER-interception,
interruption, modification, and fabrication
Interception attacks - ANSWER-Make your assets unusable or
unavailable
Interruption attacks - ANSWER-cause assets to become unusable or
unavailable for our use, on a temporary or permanent basis
Modification attacks - ANSWER-Tampering with an asset
Fabrication attacks - ANSWER-Generating data, process, and
communications
Define the risk management process - ANSWER-1. Identify assets
,2. Identify threats
3. Assess vulnerabilities
4. Assess risks
5. Mitigate risks
Define the incident response process and its stages. - ANSWER-
Preparation
Detection and analysis
Containment
Eradication
Recovery
Preparation in incident response - ANSWER-creating policies and
procedures
Detection in incident response - ANSWER-Using tools and humans to
decide if an incident is an incident
Defense in Depth - ANSWER-employing multiple layers of controls to
avoid a single point of failure
Identify types of controls to mitigate risk - ANSWER-physical, logical,
administrative
,Identify elements of risk management in policies and procedures. -
ANSWER-Development of robust policies
Identification of emergent recent
Identify elements of internal weakness
Identify the layers of a defense-in-depth strategy. - ANSWER-External
network
Internal network
Host
Application
Data
Define identification - ANSWER-The claim of who we/networks are
Define the confidentiality in the CIA triad. - ANSWER-Our ability to
protect data from those who are not authorized to view it.
Examples of confidentiality - ANSWER-A patron using an ATM card
wants to keep their PIN number confidential.
An ATM owner wants to keep bank account numbers confidential.
How can confidentiality be broken? - ANSWER-Losing a laptop
An attacker gets access to info
A person can look over your shoulder
, Define integrity in the CIA triad. - ANSWER-The ability to prevent
people from changing your data and the ability to reverse unwanted
changes.
How do you control integrity? - ANSWER-Permissions restrict what
users can do (read, write, etc.)
Examples of integrity - ANSWER-Data used by a doctor to make
medical decisions needs to be correct or the patient can die.
Define the availability in the CIA triad. - ANSWER-Our data needs to
be accessible when we need it.
How can availability be broken? - ANSWER-Loss of power, application
problems. If caused by an attacker, this is a Denial of Service attack.
Define information security. - ANSWER-The protection of information
and information systems from unauthorized access, use, disclosure,
disruption, modification, or destruction in order to provide
confidentiality, integrity, and availability.
Define the Parkerian Hexad and its principles. - ANSWER-The
Parkerian Hexad includes confidentiality, integrity, and availability
from the CIA triad. It also includes possession (or control),
authenticity, and utility.
SECURITY EXAM OBJECTIVE ASSESSMENT NEWEST
EXAM 2024 QUESTIONS AND CORRECT ANSWERS
|GRADED A+ 100% PASS!
Possession - ANSWER-Do you physically have the data in question?
Used to describe the scope of a loss
Identify the four types of attacks - ANSWER-interception,
interruption, modification, and fabrication
Interception attacks - ANSWER-Make your assets unusable or
unavailable
Interruption attacks - ANSWER-cause assets to become unusable or
unavailable for our use, on a temporary or permanent basis
Modification attacks - ANSWER-Tampering with an asset
Fabrication attacks - ANSWER-Generating data, process, and
communications
Define the risk management process - ANSWER-1. Identify assets
,2. Identify threats
3. Assess vulnerabilities
4. Assess risks
5. Mitigate risks
Define the incident response process and its stages. - ANSWER-
Preparation
Detection and analysis
Containment
Eradication
Recovery
Preparation in incident response - ANSWER-creating policies and
procedures
Detection in incident response - ANSWER-Using tools and humans to
decide if an incident is an incident
Defense in Depth - ANSWER-employing multiple layers of controls to
avoid a single point of failure
Identify types of controls to mitigate risk - ANSWER-physical, logical,
administrative
,Identify elements of risk management in policies and procedures. -
ANSWER-Development of robust policies
Identification of emergent recent
Identify elements of internal weakness
Identify the layers of a defense-in-depth strategy. - ANSWER-External
network
Internal network
Host
Application
Data
Define identification - ANSWER-The claim of who we/networks are
Define the confidentiality in the CIA triad. - ANSWER-Our ability to
protect data from those who are not authorized to view it.
Examples of confidentiality - ANSWER-A patron using an ATM card
wants to keep their PIN number confidential.
An ATM owner wants to keep bank account numbers confidential.
How can confidentiality be broken? - ANSWER-Losing a laptop
An attacker gets access to info
A person can look over your shoulder
, Define integrity in the CIA triad. - ANSWER-The ability to prevent
people from changing your data and the ability to reverse unwanted
changes.
How do you control integrity? - ANSWER-Permissions restrict what
users can do (read, write, etc.)
Examples of integrity - ANSWER-Data used by a doctor to make
medical decisions needs to be correct or the patient can die.
Define the availability in the CIA triad. - ANSWER-Our data needs to
be accessible when we need it.
How can availability be broken? - ANSWER-Loss of power, application
problems. If caused by an attacker, this is a Denial of Service attack.
Define information security. - ANSWER-The protection of information
and information systems from unauthorized access, use, disclosure,
disruption, modification, or destruction in order to provide
confidentiality, integrity, and availability.
Define the Parkerian Hexad and its principles. - ANSWER-The
Parkerian Hexad includes confidentiality, integrity, and availability
from the CIA triad. It also includes possession (or control),
authenticity, and utility.
