STEP BY STEP EXPLANATIONS
‣ Define confidentiality in the CIA triad. Answer: Our ability to
protect data from those who are not authorized to view it.
‣ Examples of confidentiality Answer: A patron using an ATM card
wants to keep their PIN number confidential.
An ATM owner wants to keep bank account numbers confidential.
‣ How can confidentiality be broken? Answer: Losing a laptop
An attacker gets access to info
A person can look over your shoulder
‣ Define integrity in the CIA triad. Answer: The ability to prevent people
from changing your data and the ability to reverse unwanted changes.
‣ How do you control integrity? Answer: Permissions restrict what users
can do (read, write, etc.)
‣ Examples of integrity Answer: Data used by a doctor to make medical
decisions needs to be correct or the patient can die.
‣ Define availability in the CIA triad. Answer: Our data needs to be
accessible when we need it.
‣ How can availability be broken? Answer: Loss of power, application
problems. If caused by an attacker, this is a Denial of Service attack.
‣ Define information security. Answer: The protection of information
and information systems from unauthorized access, use, disclosure,
disruption, modification, or destruction in order to provide
confidentiality, integrity, and availability.
‣ Define the Parkerian Hexad and its principles. Answer: The Parkerian
Hexad includes confidentiality, integrity, and availability from the CIA
triad. It also includes possession (or control), authenticity, and utility.
‣ Authenticity Answer: Whether the data in question comes from who or
where it says it comes from (i.e. did this person actually send this
email?)
‣ Confidentiality is affected by what type of attack? Answer:
Interception (eavesdropping)
‣ Integrity is affected by what type of attacks? Answer: Interruption
(assets are unusable), modification (tampering with an asset), fabrication
(generating false data)