✓ ACTUAL EXAM 1, 2 & 3
✓ QUESTIONS AND ANSWERS
WGU D430 FUNDAMENTALS OF INFORMATION SECURITY EXAM 1
Risk management - ANSWER-A constant process as assets are purchased, used and retired. The general steps are
1- identify assets
2- identify threats
3- assess vulnerabilities
4- assess risk
5- mitigating risks
Identify assets - ANSWER-First and most important part of risk management. Identifying and categorizing the assets we are protecting
Identify threats - ANSWER-Once we have our critical assets we can identify the threats that might affect them
Assess Vulnerabilities - ANSWER-Look at potential threats. Any given asset may have thousands or millions of threats that could impact it, but only a small fraction of the threats will be relevant
Assess risks - ANSWER-Once we have identified the threats and vulnerabilities for a given asset we can assess the overall risk
Mitigating risks - ANSWER-Putting measures in place to help ensure that a given type of threat is
accounted for
Incident response - ANSWER-Response to when risk management practices have failed and have caused an inconvenience to a disastrous event
Incident response cycle - ANSWER-1- preparation
2- detection and analysis
3- containment
4- eradication
5- recovery
6- post incident activity
Preparation phase - ANSWER-The preparation phase consists of all of the activities that we can perform in advance of the incident itself in order to better enable us to handle it
Detection and analysis phase - ANSWER-Where the action begins to happen. We will detect the
occurrence of an issue and decide whether or not it is actually an incident so that we can
respond
Containment phase - ANSWER-Taking steps to ensure that the situation does not cause any
more damage than it already has, or to at least lessen any ongoing harm.
Eradication phase - ANSWER-We will attempt to remove the effects of the issue from our
environment
Recovery phase - ANSWER-Recover to a better state that we were in prior to the incident or perhaps prior to when the issue started if we did not detect it immediately
Post incident activity phase - ANSWER-We attempt to determine specifically what happened,
why it happened, and what we can do to keep it from happening again.
Defense in depth - ANSWER-Layering of security controls is more effective and secure than
relying on a single control