C836 - Fundamentals of Information Security
(WGU) Questions with Detailed Verified
Answers
Information Security Ans: Protecting an organization's information and
information systems from unauthorized access, use, disclosure,
disruption, modification, or destruction.
Compliance Ans: Requirements that are set forth by laws and
industry regulations.
CIA Ans: Confidentiality, Integrity, Availability
Confidentiality Ans: Refers to our ability to protect our data from those
who are not authorized to use/view it
Integrity Ans: The ability to prevent people from changing your data in
an unauthorized or undesirable manner
Availability Ans: Refers to the ability to access our data when we need
it
Possession/Control Ans: refers to the physical disposition of the media
on which the data is stored. (tape examples where some are encrypted
and some are not)
Authenticity Ans: whether you've attributed the data in question to the
proper owner or creator. (altered email that says it's from one person
when it's not - violation of the authenticity of the email)
Utility Ans: refers to how useful the data is to you.
Attacks Ans: interception, interruption, modification, and
fabrication
Interception Ans: attacks that allow unauthorized users to access your
data, applications, or environments. Are primarily attacks against
confidentiality
Interruption Ans: attacks that make your assets unusable or
unavailable to you temporarily or permanently. DoS attack on a mail
server, for example. May also affect integrity
Modification Ans: attacks involve tampering with our asset. Such
attacks might primarily be considered an integrity attack but could also
represent an availability attack.
Fabrication Ans: attacks involve generating data, processes,
communications, or other similar activities with a system. Fabrication
attacks primarily affect integrity but could be considered an availability
attack as well.
Risk Ans: is the likelihood that an event will occur. To have risk there
must be a threat and vulnerability.
Threats Ans: are any events, whether man-made, natural or environmental,
that could cause damage to assets.
Vulnerabilities Ans: are a weakness that a threat event or the threat
agent can take advantage of.
Impact Ans: takes into account the value of the asset being threatened
and uses it to calculate risk
Risk Management Process Ans: Identify assets, identify threats, assess
vulnerabilities, assess risks, mitigate risks
Defense in Depth Ans: Using multiple layers of security to defend your
assets.
Controls Ans: are the ways we protect assets. Three different types:
physical, logical, administrative
Physical Controls Ans: environment; physical items that protect assets
(think locks, doors, guards, and fences) or environmental factors (time)
Logical Controls Ans: Sometimes called technical controls, these protect
the systems, networks, and environments that process, transmit, and
store our data
Administrative Controls Ans: based on laws, rules, policies, and
procedures, guidelines, and other items that are "paper" in nature. They
are the policies that organizations create for governance. For example,
acceptable use and email use policies.
Preparation Ans: phase of incident response consists of all of the
activities that we can perform, in advance of the incident itself, in order
to better enable us to handle it.
Incident Response Process Ans: 1. Preparation
2. Detection and Analysis (Identification)
3. Containment
4. Eradication
5. Recovery
6. Post-incident activity: document/Lessons learned
Detection & Analysis Ans: where the action begins to happen in our
incident response process. In this phase, we will detect the occurrence of
an issue and decide whether or not it is actually an incident, so that we
can respond appropriately to it.
Containment Ans: involves taking steps to ensure that the situation
does not cause any more damage than it already has, or to at least
lessen any ongoing harm.
Eradication Ans: attempt to remove the effects of the issue from our
environment.
Recovery Ans: restoring devices or data to pre-incident state
(rebuilding systems, reloading applications, backup media, etc.)
Post-incident activity Ans: determine specifically what happened, why it
happened, and what we can do to keep it from happening again.
(postmortem).
Identity Ans: who or what we claim to be. Simply an assertion.
Authentication Ans: the act of proving who or what we claim to be.
More technically, the set of methods used to establish whether a claim is
true
Verification Ans: simply verifies status of ID. For example, showing
your driver's license at a bar. "Half-step" between identity and
authentication
Five Different Types of Authentication Ans: • Something you know:
Username/Password/Pin
• Something you have: ID badge/swipe card/OTP
• Something you are: Fingerprint/Iris/Retina scan
• Somewhere you are: Geolocation