Updated WGU C795 Study Guide - Passed first try. ProTip Read the CONTEXT of the test question and answers
OOM (Object-oriented modeling):
It is heavily used by both OOA and OOD activities in modern software engineering.
ISO/IEC 20000 Family
ISO27001 - Requirements
ISO27002 - Code of Practice
ISO27005 - Risk Management
ISO270037 - Digital Evidence
ISO270050 - Electronic Delivery
CIA triad (Confidentiality, Integrity, Availability)
All security functions begin with policy.
Confidentiality - Protection of sensitive assets:
Intellectual property: research or business plans
Information: privacy or secrecy
Confidentiality - Breaches:
Intentional or accidental
Covert channels - timing (displayed or heard), storage (on USB)
Protection of displayed data - displayed paperwork or monitor
Confidentiality - Effect of Breaches:
Legal penalties - must demonstrate due care and due diligence
Financial penalties - lost revenue
Reputational damage
Confidentiality - Ensuring Confidentiality:
Policy
Access controls: need to know and least privilege
Confidentiality - Enforcing Confidentiality:
Encryption
Masking (dots on a password)
Obfuscation (not readable/meaningful)
Tokenization (pay at the pump: a token is given to the gas station, so no one sees the card info, just the token)
Require SSL certificate
Integrity - Authenticity: files, evidence, logs
Reliability: usefulness
Unauthorized modifications: intentional, accidental, transmission errors
Integrity - Breaches:
Life safety - pharmaceutical
Damage to equipment and processes
Breach of contract - penalties, loss of customers
Reputational damage
Integrity - Ensuring Integrity:
Separation of duties - no one user controls the entire transaction
Mutual exclusivity (MutEx) - the same person can do both tasks, but not at the same time
Dual control - two people to complete a task
Parity bits (watched for missing packets)
Checksums (checked on a download)
Check digits (entry to a form, to check it before use)
Header and trailer records (to make sure top and bottom are the same, ensuring integrity)
Hashing (creates a digest; on a computer, stored in "sam" (Windows) or ETC (Linux))
Digital signatures (ensure the source that creates a digest)
Digital signature (asymmetric; ensures source and integrity) - the digest is encrypted with the sender's private key, then sent to the user to decrypt with the sender's public key
Integrity - Enforcing Integrity:
Policy, access control, input validation, audit
Availability - Ensuring a resource is accessible when needed.
Availability - Breaches:
Intentional: denial of service (DoS) or DDoS
Malware, ransomware or sabotage
Accidental: deletion of the wrong file, misconfiguration, power off
Availability - Effect:
Life safety, interruption to business, breach of contract
Availability - Ensuring:
Replication (backups), redundancy (networks), clustering, scalability, resiliency (failover or fault tolerant)
Availability - Enforcing:
Policies, architecture, access control (least privilege), cross training
Power fluctuations can damage hardware, which can interrupt availability and integrity; faulty power can corrupt data.
Non-repudiation
Repudiate - to deny
Effect of repudiation - loss of trust, lack of evidence, breach of contract
Non-repudiation - to establish proof that links an action to a specific identity:
- Electric Contracts
- Logs