Written by students who passed Immediately available after payment Read online or as PDF Wrong document? Swap it for free 4.6 TrustPilot
logo-home
Exam (elaborations)

Fundamentals of Information Security - D430 Chapter Exercises (ALL) questions with verified answers

Rating
-
Sold
-
Pages
24
Grade
A+
Uploaded on
24-02-2025
Written in
2024/2025

Fundamentals of Information Security - D430 Chapter Exercises (ALL) questions with verified answers

Institution
D430
Course
D430

Content preview

Fundamentals of Information Security - D430
Chapter Exercises (ALL) questions with verified
answers
A key would be described as which type of authentication factor? Ans✓✓✓-
Something you have


Based on the Parkerian hexad, what principles are affected if you lose a shipment
of encrypted backup tapes that contain personal and payment information for
your customers? Ans✓✓✓-Confidentiality (someone unauthorized has this
data)Integrity (your backups)Availability (you no longer have access to safe
backups)Possession (obvs you don't have it anymore)Utility (payment info can be
very useful to malicious threats)


Can you give an example of how a living organism might constitute a threat to
your equipment? Ans✓✓✓-Insects and small animals that have gained access to
our equipments may cause electrical shorts, interfere with cooling fans, chew on
wiring, and generally wreak havoc.


Can you give three examples of physical controls that work as deterrents?
Ans✓✓✓-Cable Locks.
Hardware Locks.
Video surveillance & guards.


Considering the CIA triad and the Parkerian hexad, what are the advantages and
disadvantages of each model? Ans✓✓✓-CIA considers unauthorized access to
the data. Parkerian Hexad allows more depth with the addition of
possession/control, utility and authenticity.

,Define competitive counterintelligence. Ans✓✓✓-Competitive intelligence is the
process of gathering and analyzing information about competitors to gain insights
into their strategies, strengths, weaknesses, and market positioning. It involves
monitoring competitors' online presence, marketing campaigns, pricing, product
offerings, and customer feedback.


Define tailgating. Why is it a problem? Ans✓✓✓-Physical tailgating, or
piggybacking, is the act of following someone through an access control point,
such as secure door, instead of using the credentials, badge, or key normally
needed to enter. The authorized person may let you in intentionally or
accidentally.


Describe nonrepudiation. Ans✓✓✓-The term nonrepudiation refers to a situation
in which an individual is unable to successfully deny that they have made a
statement or taken an action, generally because we have sufficient evidence that
they did it.


You may be able to produce proof of the activity directly from system or network
logs or recover such proof through the use of digital forensic examination of the
system or devices involved.


Another example is when a system digitally signs every email that is sent from it,
making it impossible for someone to deny the fact that the email came from that
system.


Discuss the difference between authorization and access control. Ans✓✓✓-
Authorization specifies what a user can do, and access control enforces what a
user can do

, Discuss the difference between authorization and accountability. Ans✓✓✓-
Authorization is the process of determining exactly what an authenticated party
can do. You typically implement authorization using access controls, which are the
tools and systems you use to deny or allow access.


To hold people accountable for their actions, you have to trace all activities in
your environment back to their sources. That means you have to use
identification, authentication, and authorization processes so you can know who a
given event is associated with and what permissions allowed them to carry it out.


Authorization is what an individual or party can do or access.
Accountability is holding an individual or party accountable for an event which
occurred using their access or "what they can do."


ECC is classified as which type of cryptographic algorithm? Ans✓✓✓-Asymmetric.


Elliptic curve cryptography (ECC) is a class of cryptographic algorithms, although
people sometimes refer to is as though it were a simple algorithm. Named for the
type of mathematical problem on which its cryptographic functions are based,
elliptic curve cryptography has several advantages over other types of algorithms.


Explain how 3DES differs from DES. Ans✓✓✓-3DES is simply DES used to encrypt
each block three times, with three different keys.


Explain how the confused deputy problem could allow users to carry out activities
for which they are not authorized. Ans✓✓✓-The confused deputy problem
allows privilege escalation to take place because when there is software with
access to a resource that has a greater level of permission to access the resource
than the user who is controlling the software, the user can trick the software into

Written for

Institution
D430
Course
D430

Document information

Uploaded on
February 24, 2025
Number of pages
24
Written in
2024/2025
Type
Exam (elaborations)
Contains
Questions & answers

Subjects

$15.99
Get access to the full document:

Wrong document? Swap it for free Within 14 days of purchase and before downloading, you can choose a different document. You can simply spend the amount again.
Written by students who passed
Immediately available after payment
Read online or as PDF


Also available in package deal

Thumbnail
Package deal
WGU D430 Fundamentals of Information Security|Tests Bundle Set
-
8 2025
$ 36.76 More info

Get to know the seller

Seller avatar
Reputation scores are based on the amount of documents a seller has sold for a fee and the reviews they have received for those documents. There are three levels: Bronze, Silver and Gold. The better the reputation, the more your can rely on the quality of the sellers work.
cracker Chamberlain School Of Nursing
View profile
Follow You need to be logged in order to follow users or courses
Sold
2131
Member since
3 year
Number of followers
1347
Documents
50003
Last sold
3 days ago
✨ Cracker – Verified Study Powerhouse

Welcome to your shortcut to academic and certification success. I'm Cracker, a trusted top seller I specialize in high-quality study guides, test banks, certification prep, and real-world exam material all tailored to help you pass fast and score high.

3.8

389 reviews

5
171
4
90
3
55
2
24
1
49

Why students choose Stuvia

Created by fellow students, verified by reviews

Quality you can trust: written by students who passed their tests and reviewed by others who've used these notes.

Didn't get what you expected? Choose another document

No worries! You can instantly pick a different document that better fits what you're looking for.

Pay as you like, start learning right away

No subscription, no commitments. Pay the way you're used to via credit card and download your PDF document instantly.

Student with book image

“Bought, downloaded, and aced it. It really can be that simple.”

Alisha Student

Working on your references?

Create accurate citations in APA, MLA and Harvard with our free citation generator.

Working on your references?

Frequently asked questions