WGU C836 - FUNDAMENTALS OF INFORMATION
SECURITY STUDY PREP
Information Security - ✔Protecting an organization's information and information
systems from unauthorized access, use, disclosure, disruption, modification, or
destruction.
Compliance - ✔Requirements that are set forth by laws and
industry regulations.
CIA - ✔Confidentiality, Integrity, Availability
Confidentiality - ✔Refers to our ability to protect our data from those who are not
authorized to use/view it
Integrity - ✔The ability to prevent people from changing your data in an unauthorized or
undesirable manner
Availability - ✔Refers to the ability to access our data when we need it
Possession/Control - ✔refers to the physical disposition of the media on which the data
is stored. (tape examples where some are encrypted and some are not)
Authenticity - ✔whether you've attributed the data in question to the proper owner or
creator. (altered email that says it's from one person when it's not - violation of the
authenticity of the email)
Utility - ✔refers to how useful the data is to you.
Attacks - ✔interception, interruption, modification, and
fabrication
Interception - ✔attacks that allow unauthorized users to access your data, applications,
or environments. Are primarily attacks against confidentiality
Interruption - ✔attacks that make your assets unusable or unavailable to you
temporarily or permanently. DoS attack on a mail server, for example. May also affect
integrity
Modification - ✔attacks involve tampering with our asset. Such attacks might primarily
be considered an integrity attack but could also represent an availability attack.
Fabrication - ✔attacks involve generating data, processes, communications, or other
similar activities with a system. Fabrication attacks primarily affect integrity but could be
considered an availability attack as well.
,WGU C836 - FUNDAMENTALS OF INFORMATION
SECURITY STUDY PREP
Risk - ✔is the likelihood that an event will occur. To have risk there must be a
threat and vulnerability.
Threats - ✔are any events being man-made, natural or environmental that could cause
damage to assets.
Vulnerabilities - ✔are a weakness that a threat event or the threat agent can take
advantage of.
Impact - ✔takes into account the value of the asset being threatened and uses it to
calculate risk
Risk Management Process - ✔Identify assets, identify threats, assess vulnerabilities,
assess risks, mitigate risks
Defense in Depth - ✔Using multiple layers of security to defend your assets.
Controls - ✔are the ways we protect assets. Three different types: physical, logical,
administrative
Physical Controls - ✔environment; physical items that protect assets think locks, doors,
guards, and, fences or environmental factors (time)
Logical Controls - ✔Sometimes called technical controls, these protect the systems,
networks, and environments that process, transmit, and store our data
Administrative Controls - ✔based on laws, rules, policies, and procedures, guidelines,
and other items that are "paper" in nature. They are the policies that organizations
create for governance. For example, acceptable use and email use policies.
Preparation - ✔phase of incident response consists of all of the activities that we can
perform, in advance of the incident itself, in order to better enable us to handle it.
Incident Response Process - ✔1. Preparation
2. Detection and Analysis (Identification)
3. Containment
4. Eradication
5. Recovery
6. Post-incident activity: document/Lessons learned
Detection & Analysis - ✔where the action begins to happen in our incident response
process. In this phase, we will detect the occurrence of an issue and decide whether or
not it is actually an incident, so that we can respond appropriately to it.
, WGU C836 - FUNDAMENTALS OF INFORMATION
SECURITY STUDY PREP
Containment - ✔involves taking steps to ensure that the situation does not cause any
more damage than it already has, or to at least lessen any ongoing harm.
Eradication - ✔attempt to remove the effects of the issue from our environment.
Recovery - ✔restoring devices or data to pre-incident state (rebuilding systems,
reloading applications, backup media, etc.)
Post-incident activity - ✔determine specifically what happened, why it happened, and
what we can do to keep it from happening again. (postmortem).
Identity - ✔who or what we claim to be. Simply an assertion.
Authentication - ✔the act of providing who or what we claim to be. More technically, the
set of methods used to establish whether a claim is true
Verification - ✔simply verifies status of ID. For example, showing your driver's license at
a bar. "Half-step" between identity and authentication
Five Different Types of Authentication - ✔• Something you know:
Username/Password/Pin
• Something you have: ID badge/swipe card/OTP
• Something you are: Fingerprint/Iris/Retina scan
• Somewhere you are: Geolocation
• Something you do: Handwriting/typing/walking
Single-factor authentication - ✔only using one type of authentication
Dual-factor authentication - ✔using two different factors of authentication (2 of the same
factor does not count )
Multi-factor authentication - ✔Use of several (more than two) authentication techniques
together, such as passwords and security tokens, and geolocation.
Mutual Authentication - ✔process where the session is
authenticated on both ends and just one end.
Mutual authentication prevents what kind of attacks? - ✔man-in-the-middle attacks
Using a password for access is what kind of authentication - ✔Something you know
An iris-scan for access is what kind of authentication - ✔Something you are
SECURITY STUDY PREP
Information Security - ✔Protecting an organization's information and information
systems from unauthorized access, use, disclosure, disruption, modification, or
destruction.
Compliance - ✔Requirements that are set forth by laws and
industry regulations.
CIA - ✔Confidentiality, Integrity, Availability
Confidentiality - ✔Refers to our ability to protect our data from those who are not
authorized to use/view it
Integrity - ✔The ability to prevent people from changing your data in an unauthorized or
undesirable manner
Availability - ✔Refers to the ability to access our data when we need it
Possession/Control - ✔refers to the physical disposition of the media on which the data
is stored. (tape examples where some are encrypted and some are not)
Authenticity - ✔whether you've attributed the data in question to the proper owner or
creator. (altered email that says it's from one person when it's not - violation of the
authenticity of the email)
Utility - ✔refers to how useful the data is to you.
Attacks - ✔interception, interruption, modification, and
fabrication
Interception - ✔attacks that allow unauthorized users to access your data, applications,
or environments. Are primarily attacks against confidentiality
Interruption - ✔attacks that make your assets unusable or unavailable to you
temporarily or permanently. DoS attack on a mail server, for example. May also affect
integrity
Modification - ✔attacks involve tampering with our asset. Such attacks might primarily
be considered an integrity attack but could also represent an availability attack.
Fabrication - ✔attacks involve generating data, processes, communications, or other
similar activities with a system. Fabrication attacks primarily affect integrity but could be
considered an availability attack as well.
,WGU C836 - FUNDAMENTALS OF INFORMATION
SECURITY STUDY PREP
Risk - ✔is the likelihood that an event will occur. To have risk there must be a
threat and vulnerability.
Threats - ✔are any events being man-made, natural or environmental that could cause
damage to assets.
Vulnerabilities - ✔are a weakness that a threat event or the threat agent can take
advantage of.
Impact - ✔takes into account the value of the asset being threatened and uses it to
calculate risk
Risk Management Process - ✔Identify assets, identify threats, assess vulnerabilities,
assess risks, mitigate risks
Defense in Depth - ✔Using multiple layers of security to defend your assets.
Controls - ✔are the ways we protect assets. Three different types: physical, logical,
administrative
Physical Controls - ✔environment; physical items that protect assets think locks, doors,
guards, and, fences or environmental factors (time)
Logical Controls - ✔Sometimes called technical controls, these protect the systems,
networks, and environments that process, transmit, and store our data
Administrative Controls - ✔based on laws, rules, policies, and procedures, guidelines,
and other items that are "paper" in nature. They are the policies that organizations
create for governance. For example, acceptable use and email use policies.
Preparation - ✔phase of incident response consists of all of the activities that we can
perform, in advance of the incident itself, in order to better enable us to handle it.
Incident Response Process - ✔1. Preparation
2. Detection and Analysis (Identification)
3. Containment
4. Eradication
5. Recovery
6. Post-incident activity: document/Lessons learned
Detection & Analysis - ✔where the action begins to happen in our incident response
process. In this phase, we will detect the occurrence of an issue and decide whether or
not it is actually an incident, so that we can respond appropriately to it.
, WGU C836 - FUNDAMENTALS OF INFORMATION
SECURITY STUDY PREP
Containment - ✔involves taking steps to ensure that the situation does not cause any
more damage than it already has, or to at least lessen any ongoing harm.
Eradication - ✔attempt to remove the effects of the issue from our environment.
Recovery - ✔restoring devices or data to pre-incident state (rebuilding systems,
reloading applications, backup media, etc.)
Post-incident activity - ✔determine specifically what happened, why it happened, and
what we can do to keep it from happening again. (postmortem).
Identity - ✔who or what we claim to be. Simply an assertion.
Authentication - ✔the act of providing who or what we claim to be. More technically, the
set of methods used to establish whether a claim is true
Verification - ✔simply verifies status of ID. For example, showing your driver's license at
a bar. "Half-step" between identity and authentication
Five Different Types of Authentication - ✔• Something you know:
Username/Password/Pin
• Something you have: ID badge/swipe card/OTP
• Something you are: Fingerprint/Iris/Retina scan
• Somewhere you are: Geolocation
• Something you do: Handwriting/typing/walking
Single-factor authentication - ✔only using one type of authentication
Dual-factor authentication - ✔using two different factors of authentication (2 of the same
factor does not count )
Multi-factor authentication - ✔Use of several (more than two) authentication techniques
together, such as passwords and security tokens, and geolocation.
Mutual Authentication - ✔process where the session is
authenticated on both ends and just one end.
Mutual authentication prevents what kind of attacks? - ✔man-in-the-middle attacks
Using a password for access is what kind of authentication - ✔Something you know
An iris-scan for access is what kind of authentication - ✔Something you are
