Exam (elaborations)

WGU D430 Fundamentals of Information Security – Comprehensive Study Notes & Final Exam Review Guide | 2026 Updated

Rating: -
Sold: -
Pages: 50
Grade: A+
Uploaded on: 09-03-2026
Written in: 2025/2026


Institution: WGU D430 / WGU C836 Information Security
Course: WGU D430 / WGU C836 Information Security

Preview of the content

Attribute-based access control (ABAC) - correct answer Logically, based on attributes.
These can be the attributes of a particular person, of a resource, or of an environment.


Subject attributes - correct answer those of a particular individual.


CAPTCHA - correct answer Completely Automated Public Turing Test to Tell Humans
and Computers Apart. Used to prevent automated tools from carrying out tasks like
signing up for new accounts or adding spam comments to blogs.


Resource attributes - correct answer those that relate to a particular resource, such as
an operating system or application.


Environmental attributes - correct answer can be used to enable access controls that
operate based on environmental conditions. We commonly use the time attribute to
control access, in both a physical and a logical sense, based on length of time passed,
or time of day.


Multilevel access control - correct answer used where the simpler access control
models that we just discussed are considered to not be robust enough to protect the
information to which we are controlling access. Such access controls are used
extensively by military and government organizations, or those that often handle data of
a very sensitive nature. We might see multilevel security models used to protect a
variety of data, from nuclear secrets to protected health information (PHI).


The Bell-LaPadula model - correct answer implements a combination of DAC and
MAC and is primarily concerned with the confidentiality of the resource in question.

1. The simple security property: The level of access granted to an individual must be at
least as high as the classification of the resource in order for the individual to be able to
access it.


2. The * property: Anyone accessing a resource can only write its contents to one
classified at the same level or higher.


The Biba model - correct answer primarily concerned with protecting the integrity of
data, even at the expense of confidentiality.


1. The simple integrity axiom: The level of access granted to an individual must be no
lower than the classification of the resource.


2. The * integrity axiom: Anyone accessing a resource can only write its contents to one
classified at the same level or lower.


The Brewer and Nash model - correct answer also known as the Chinese Wall model,
is an access control model designed to prevent conflicts of interest. Brewer and Nash is
commonly used in industries that handle sensitive data, such as that found in the
financial, medical, or legal industry.


1. Objects: Resources such as files or information, pertaining to a single organization.


2. Company groups: All objects pertaining to a particular organization.


3. Conflict classes: All groups of objects that concern competing parties.


Accountability - correct answer the means to trace activities in our environment back to
their source. In addition, it provides us with a number of capabilities, when properly
implemented, which can be of great use in conducting the daily business of security and
information technology in our organizations.

Nonrepudiation - correct answer a situation in which sufficient evidence exists as to
prevent an individual from successfully denying that he or she has made a statement, or
taken an action.


Deterrence - correct answer a great deterrent against misbehavior in our
environments. If those we monitor are aware of this fact, and it has been communicated
to them that there will be penalties for acting against the rules, these individuals may
think twice before straying outside the lines.


intrusion detection systems (IDSes) - correct answer An IDS performs strictly as a
monitoring and alert tool, only notifying us that an attack or undesirable activity is taking
place.


intrusion prevention systems (IPSes) - correct answer An IPS, often working from
information sent by the IDS, can actually take action based on what is happening in the
environment. In response to an attack over the network, an IPS might refuse traffic from
the source of the attack.


Auditing - correct answer One of the primary ways we can ensure accountability
through technical means is by ensuring that we have accurate records of who did what
and when they did it. In nearly any environment, from the lowest level of technology to
the highest, accountability is largely accomplished through the use of auditing.


The BSA - correct answer a company that, on behalf of software companies (Adobe or
Microsoft, for instance), regularly audits other companies to ensure their compliance
with software licensing.


Logging - correct answer gives us a history of the activities that have taken place in the
environment being logged. Without this evidence, audits and investigations are not
practical.


Monitoring - correct answer a subset of auditing and tends to focus on observing
information about the environment being monitored in order to discover undesirable
conditions such as failures, resource shortages, security issues, and trends that might
signal the arrival of such conditions. Monitoring is largely a reactive activity, with actions
taken based on gathered data, typically from logs generated by various devices.

Assessments - correct answer vulnerability assessments and penetration testing.
While these terms are often used interchangeably, they are actually two distinct sets of
activities.


Vulnerability assessments - correct answer generally involve using vulnerability
scanning tools, such as Nessus, in order to locate such vulnerabilities.


Penetration testing - correct answer although it may use vulnerability assessment as a
starting place, takes the process several steps further. When we conduct a penetration
test, we mimic, as closely as possible, the techniques an actual attacker would use.


Cryptography - correct answer the science of keeping information secure (secure, in
this case, in the sense of confidentiality and integrity (through hashing))


Encryption - correct answer itself is actually a subset of cryptography, referring
specifically to the transformation of unencrypted data, called plaintext or cleartext, into
its encrypted form, called ciphertext.


Decryption - correct answer the process of recovering the plaintext message from the
ciphertext. The plaintext and ciphertext may also be generically referred to as the
message.


cryptanalysis - correct answer The science of breaking through the encryption used to
create the ciphertext


cryptology - correct answer The overarching field of study that covers cryptography
and cryptanalysis


Cryptographic algorithm - correct answer The specifics of the process used to encrypt
the plaintext or decrypt the ciphertext are referred to as a cryptographic algorithm.

Contains: Questions and answers
Seller: KieranKent55