Information Security Review & Key Topics Summary | 2026
Digital signature - correct answer a means of electronically signing a document with
data that cannot be forged
Digital certificate - correct answer Links a public key to an individual
Protecting data at rest - correct answer use encryption and physical security
Protecting data in motion - correct answer use encryption, protect the connection with
a VPN,
Protecting data in use - correct answer We are somewhat limited in our ability to
protect data while it is being used by those who legitimately have access to it.
Authorized users can print files, move them to other machines or storage devices, etc.
Rivest-Shamir-Adleman - correct answer encryption algorithm
Which term is synonymous with symmetric cryptography? - correct answer Secret key
cryptography
Which term is synonymous with asymmetric cryptography? - correct answer Public key
cryptography
Regulatory compliance - correct answer Regulations mandated by law usually
requiring regular audits and assessments
Industry compliance - correct answer Regulations or standards designed for specific
industries that may impact ability to conduct business (e.g. PCI DSS)
Privacy - correct answer the right of people not to reveal information about themselves
GLBA - correct answer "Gramm-Leach-Bliley Act" (Financial Services Modernization
Act of 1999) repealed a 1933 law that barred the consolidation of financial institutions
and insurance companies. Included within GLBA are multiple sections relating to the
privacy of financial information. Companies must provide written notice to consumers of
their privacy rights and explain the company's procedures for safeguarding data.
Privacy guidelines - correct answer Guidelines to follow to protect private information
of patients
FISMA - correct answer Federal Information Security Management Act - US law that requires federal
agencies to create, document and implement a security program
HIPAA - correct answer Health Insurance Portability and Accountability Act. Protects
patient privacy.
FERPA - correct answer Family Educational Rights and Privacy Act
SOX - correct answer Sarbanes-Oxley Act. This law requires publicly traded
companies and their independent auditors to demonstrate that their numbers are
accurate and that they have processes in place to ensure accurate reporting. Several
sections of the law have important implications for human resource activities.
Industry compliance vs. Regulatory compliance - correct answer Industry compliance
isn't enforced by the government, like regulatory compliance. It's a group of
stakeholders in the industry that get together and decide what compliance looks like.
COPPA - correct answer Children's Online Privacy Protection Act
ECC - correct answer Asymmetric Key Algorithm, provides encryption, digital
signatures, key exchange, based on the idea of using points on a curve to define the
public/private key, used in wireless devices and smart cards