Fundamentals of Information Security Exam
with Questions and Verified Rationalized Answers Graded A+
1. Confidentiality: Allows only authorized access to requested data
2. Integrity: Ensures data remains unaltered and reliable
3. Availability: Enables authorized data access when needed
4. Possession: Physical disposition of the media where data is stored
5. Authenticity: Proper attribution to the owner or creator of the data
6. Utility: Measures the usefulness of the data
7. What are the 3 components of the CIA Triad?: Confidentiality, Integrity, Availability
8. What are the 6 components of the Parkerian Hexad?: Confidentiality, Integrity, Availability, Possession, Authenticity, Utility
9. What are the 4 Attack Types?: Interception, Interruption, Modification, Fabrication
10. Interception: Attacker has access to data, applications, or environment
11. Interruption: Attacks cause assets to become unusable or unavailable
12. Modification: Attacks involve tampering with assets
13. Fabrication: Attacks that create false information
14. Threat: Potential to cause harm
15. Vulnerability: Weaknesses that can be used to harm us
16. Authentication: Verifies a person's identity through various factors
17. Mutual Authentication: both parties authenticate each other using digital certificates to prevent man-in-the-middle attacks
18. What are the 5 steps in the Risk Management Process?: Identify Asset, Identify Threats, Assess Vulnerabilities, Assess Risk, Mitigate Risk
19. Identify Asset: Categorize Assets being protected
20. Identify Threats: recognize potential threats
21. Assess Vulnerabilities: evaluate impacts
22. Assess Risk: overall risk assessment
23. Mitigate Risk: ensure threats are accounted for
24. What are the 6 steps in the Incident Response Process?: Preparation, Detection & Analysis, Containment, Eradication, Recovery, Post-incident activity
25. Preparation: Activities performed in advance to better handle incidents
26. Detection & Analysis: Identify and analyze incidents
27. Containment: Steps to prevent further damage
28. Eradication: Remove effects of the issue
29. Recovery: Restore devices or data to pre-incident state
30. Post-incident activity: determine what happened and prevent recurrence
31. Authorization: determines user access, modification, and deletion
32. Least Privilege: Provides minimum access necessary for functionality
33. Access Control: Allows, denies, limits, and revokes access