Academic Study Summary & Review Guide
Auditing - correct answer Ensuring that we have accurate records of who did what and
when. Primarily focused on compliance with relevant laws and policies, and access to
and from systems and sometimes physical security
Assessments - correct answer Vulnerability and penetration testing
Vulnerability Assessment - correct answer Tools such as Nessus. They work by
scanning the target systems to discover which ports are open on them and then
interrogating each open port to find out exactly which service is listening on the port in
question
Penetration Testing - correct answer We conduct a test where we mimic as closely as
possible the techniques an actual attacker would use
Cryptology - correct answer The study of deciphering secret messages. Cryptographic
algorithms
Cryptanalysis - correct answer Breaking the algorithm and finding a weakness in it
Caesar cipher - correct answer A substitution cipher that shifts characters a certain
number of positions in the alphabet, usually 3.
Substitution - correct answer The substitution of one letter for another in a consistent
fashion
ROT13 - correct answer A substitution cipher that uses a key of 13. To encrypt a
message, you would rotate each letter 13 spaces. To decrypt a message, you would
rotate each letter 13 spaces.
Cryptographic - correct answer Existed before the modern computer. Used to simplify
the use of encryption and made more computer encryption possible.
Symmetric Cryptography - correct answer Also known as private key. Utilizes a single
key for both encryption of plain text and decryption of the cipher text
Asymmetrical Cryptography - correct answer Public key cryptography utilizes 2 keys: a public key
and a private key. The public key is used to encrypt data sent from sender to receiver
and is shared with everyone
Hash function - correct answer Keyless cryptography. Hash functions do not use a key but instead
create a unique and fixed-length hash value based on the original message (like a
fingerprint). A slight change to the message will change the hash
Digital signature - correct answer An encrypted code that a person, website, or
organization attaches to an electronic message to verify the identity of the message
sender
Certificates - correct answer Digitally signed electronic documents that bind a public
key with a user identity.
Block Cipher - correct answer An encryption method that encrypts data in fixed-size
blocks. Block size is 64 bits.
Stream Cipher - correct answer An encryption method that encrypts data as a stream
of bits or bytes. One bit at a time.
DES - correct answer A block cipher based on symmetric key cryptography that uses a
56-bit key. Was once considered very secure but that is no longer the case
3DES - correct answer Triple Digital Encryption Standard. A symmetric algorithm used
to encrypt data and provide confidentiality. It was originally designed as a replacement