12/11/25, 11:36 PM WGU Fundamentals of Information Security - C836 Flashcards | Quizlet
Science Computer Science Computer Security and Reliability
WGU Fundamentals of Information Security - C836
Leave the first rating
Students also studied
Cybersecurity and Network Security... Nutanix NCA Exam Flashcards Ques... C845 Information Sy
Teacher 41 terms Teacher 60 terms 66 terms
pabromas_mash Preview piusabigail309 Preview Gladis_Muia
Terms in this set (148)
Confidentiality, Integrity, Availability:
CIA Triad
Essentially the balance between IT Security (Confidentiality and
Integrity,) and Business Need (Availability.)
Addresses the importance of data security. Data should not be
exposed or accessible to parties other than those who are
authorized to interact with it.
CIA Triad - Confidentiality
An example of upholding the standards of this principle:
Creating authentication, authorization, and access controls to
control who has access to what information, and how each
individual with access can interact with that information.
This principle mandates that data should not be tampered with
or modified in such a way as to compromise the reliability of the
information.
CIA Triad - Integrity
An example of upholding the standards of this principle: Hashing
or encrypting data as it's in transit or at rest to monitor the
information for unauthorized changes or prevent attackers from
accessing the data.
This principle focuses on the need for businesses to balance the
CIA Triad - Availability principles of _____________ and _____________, whilst also allowing
authorized parties to access and interact with data.
Information Security (InfoSec)
https://quizlet.com/1086409864/wgu-fundamentals-of-information-security-c836-flash-cards/ 1/28
,12/11/25, 11:36 PM WGU Fundamentals of Information Security - C836 Flashcards | Quizlet
A less well-known model named after Donn Parker. Provides a
somewhat more complex variation of the classic CIA triad.
Consists of six principles:
Parkerian Hexad - Confidentiality
Integrity
Authenticity
Utility
Possession
Availability
Refers to our ability to protect our data from those who are not
Parkerian Hexad -
authorized to view it. Can be implemented at many levels of a
Confidentiality
process.
The ability to prevent people from changing your data in an
unauthorized or undesirable manner. To maintain this principle,
not only do you need to have the means to prevent
unauthorized changes to your data, but you need the ability to
Parkerian Hexad - Integrity reverse unwanted authorized changes.
The difference between this Parkerian version and the CIA
version: The data must be whole and completely unchanged
from its previous state.
This principle allows you to say whether you've attributed the
data in question to the proper owner or creator.
For example:
Parkerian Hexad - Authenticity
If you send an email message that is altered so that it appears to
have come from a different email address than the one from
which it was actually sent, you would be violating the ___________ of
the email.
Refers to how useful the data is to you. This is the only principle
of the Perkerian hexad that is not necessarily binary in nature;
you can have a variety of degrees of _______, depending on the
data and its format.
For example:
Parkerian Hexad - Utility
If we lost a shipment of backup tapes, some encrypted and
some not, an attacker or other unauthorized person would
consider the encrypted tapes to be of very little ______, as the data
would not be readable. However, the unencrypted tapes would
be of much greater ________, as the attacker or unauthorized
person would be able to access the data.
https://quizlet.com/1086409864/wgu-fundamentals-of-information-security-c836-flash-cards/ 2/28
, 12/11/25, 11:36 PM WGU Fundamentals of Information Security - C836 Flashcards | Quizlet
Refers to the physical disposition of the media on which the data
is stored. This enables you to discuss your loss of the data in its
physical medium without involving other factors such as
availability.
Parkerian Hexad - Possession For example:
(Control)
If we lost a shipment of backup tapes, some encrypted and
some not, we could use this principle to describe the scope of
the incident more accurately- the encrypted tapes in the lot
cause a possession problem, but not a confidentiality problem,
while the unencrypted tapes cause a problem on both counts.
Parkerian Hexad - Availability The ability to access our data when we need it.
These attacks allow unauthorized users to access your data,
applications, or environments, and they are primarily attacks
against confidentiality.
May take the form of unauthorized file viewing or copying,
Attacks - Interception eavesdropping on phone conversations, or reading someone
else's email, and you can conduct it against data at rest or in
motion.
When executed properly, these attacks can be quite difficult to
detect.
These attacks make your assets unusable or unavailable to you
on a temporary or permanent basis.
Often affect availability but can also affect integrity as well. A
DoS or DDoS attack would be considered an availability attack.
On the other hand, if an attacker manipulated the processes on
Attacks - Interruption
which a database runs to prevent access to the data it contains,
you might consider this an integrity attack because of the
possible loss or corruption of data. It could even be considered
a combination of the two.
Can also be considered a modification attack in certain contexts.
These attacks involve tampering with an asset.
Such attacks might primarily be considered attacks on integrity,
but could also represent attacks on availability.
If you access a file in an unauthorized manner and alter the data
it contains, you've affected the integrity of the file's data.
Attacks - Modification
However, if the file in question is a configuration file that
manages how a service behaves- perhaps one that is acting as a
web server-changing the contents of the file might affect the
availability of that service. If the configuration you altered in the
file for your web server changes how the server deals with
encrypted connections, you could even call this a confidentiality
attack.
https://quizlet.com/1086409864/wgu-fundamentals-of-information-security-c836-flash-cards/ 3/28
Science Computer Science Computer Security and Reliability
WGU Fundamentals of Information Security - C836
Leave the first rating
Students also studied
Cybersecurity and Network Security... Nutanix NCA Exam Flashcards Ques... C845 Information Sy
Teacher 41 terms Teacher 60 terms 66 terms
pabromas_mash Preview piusabigail309 Preview Gladis_Muia
Terms in this set (148)
Confidentiality, Integrity, Availability:
CIA Triad
Essentially the balance between IT Security (Confidentiality and
Integrity,) and Business Need (Availability.)
Addresses the importance of data security. Data should not be
exposed or accessible to parties other than those who are
authorized to interact with it.
CIA Triad - Confidentiality
An example of upholding the standards of this principle:
Creating authentication, authorization, and access controls to
control who has access to what information, and how each
individual with access can interact with that information.
This principle mandates that data should not be tampered with
or modified in such a way as to compromise the reliability of the
information.
CIA Triad - Integrity
An example of upholding the standards of this principle: Hashing
or encrypting data as it's in transit or at rest to monitor the
information for unauthorized changes or prevent attackers from
accessing the data.
This principle focuses on the need for businesses to balance the
CIA Triad - Availability principles of _____________ and _____________, whilst also allowing
authorized parties to access and interact with data.
Information Security (InfoSec)
https://quizlet.com/1086409864/wgu-fundamentals-of-information-security-c836-flash-cards/ 1/28
,12/11/25, 11:36 PM WGU Fundamentals of Information Security - C836 Flashcards | Quizlet
A less well-known model named after Donn Parker. Provides a
somewhat more complex variation of the classic CIA triad.
Consists of six principles:
Parkerian Hexad - Confidentiality
Integrity
Authenticity
Utility
Possession
Availability
Refers to our ability to protect our data from those who are not
Parkerian Hexad -
authorized to view it. Can be implemented at many levels of a
Confidentiality
process.
The ability to prevent people from changing your data in an
unauthorized or undesirable manner. To maintain this principle,
not only do you need to have the means to prevent
unauthorized changes to your data, but you need the ability to
Parkerian Hexad - Integrity reverse unwanted authorized changes.
The difference between this Parkerian version and the CIA
version: The data must be whole and completely unchanged
from its previous state.
This principle allows you to say whether you've attributed the
data in question to the proper owner or creator.
For example:
Parkerian Hexad - Authenticity
If you send an email message that is altered so that it appears to
have come from a different email address than the one from
which it was actually sent, you would be violating the ___________ of
the email.
Refers to how useful the data is to you. This is the only principle
of the Perkerian hexad that is not necessarily binary in nature;
you can have a variety of degrees of _______, depending on the
data and its format.
For example:
Parkerian Hexad - Utility
If we lost a shipment of backup tapes, some encrypted and
some not, an attacker or other unauthorized person would
consider the encrypted tapes to be of very little ______, as the data
would not be readable. However, the unencrypted tapes would
be of much greater ________, as the attacker or unauthorized
person would be able to access the data.
https://quizlet.com/1086409864/wgu-fundamentals-of-information-security-c836-flash-cards/ 2/28
, 12/11/25, 11:36 PM WGU Fundamentals of Information Security - C836 Flashcards | Quizlet
Refers to the physical disposition of the media on which the data
is stored. This enables you to discuss your loss of the data in its
physical medium without involving other factors such as
availability.
Parkerian Hexad - Possession For example:
(Control)
If we lost a shipment of backup tapes, some encrypted and
some not, we could use this principle to describe the scope of
the incident more accurately- the encrypted tapes in the lot
cause a possession problem, but not a confidentiality problem,
while the unencrypted tapes cause a problem on both counts.
Parkerian Hexad - Availability The ability to access our data when we need it.
These attacks allow unauthorized users to access your data,
applications, or environments, and they are primarily attacks
against confidentiality.
May take the form of unauthorized file viewing or copying,
Attacks - Interception eavesdropping on phone conversations, or reading someone
else's email, and you can conduct it against data at rest or in
motion.
When executed properly, these attacks can be quite difficult to
detect.
These attacks make your assets unusable or unavailable to you
on a temporary or permanent basis.
Often affect availability but can also affect integrity as well. A
DoS or DDoS attack would be considered an availability attack.
On the other hand, if an attacker manipulated the processes on
Attacks - Interruption
which a database runs to prevent access to the data it contains,
you might consider this an integrity attack because of the
possible loss or corruption of data. It could even be considered
a combination of the two.
Can also be considered a modification attack in certain contexts.
These attacks involve tampering with an asset.
Such attacks might primarily be considered attacks on integrity,
but could also represent attacks on availability.
If you access a file in an unauthorized manner and alter the data
it contains, you've affected the integrity of the file's data.
Attacks - Modification
However, if the file in question is a configuration file that
manages how a service behaves- perhaps one that is acting as a
web server-changing the contents of the file might affect the
availability of that service. If the configuration you altered in the
file for your web server changes how the server deals with
encrypted connections, you could even call this a confidentiality
attack.
https://quizlet.com/1086409864/wgu-fundamentals-of-information-security-c836-flash-cards/ 3/28
