1
WGU C836 FUNDAMENTALS OF INFORMATION
SECURITY OA EXAM QUESTIONS AND CORRECT
DETAILED ANSWERS ALREADY GRADED A+
Information Security - (answer)Protecting an organization's information and
information systems from unauthorized access, use, disclosure, disruption,
modification, or destruction.
Compliance - (answer)Requirements that are set forth by laws and
industry regulations.
CIA - (answer)Confidentiality, Integrity, Availability
Confidentiality - (answer)Refers to our ability to protect our data from those
who are not authorized to use/view it
Integrity - (answer)The ability to prevent people from changing your data in an
unauthorized or undesirable manner
Availability - (answer)Refers to the ability to access our data when we need it
Possession/Control - (answer)refers to the physical disposition of the media on
which the data is stored. (tape examples where some are encrypted and some
are not)
Authenticity - (answer)whether you've attributed the data in question to the
proper owner or creator. (altered email that says it's from one person when it's
not - violation of the authenticity of the email)
Utility - (answer)refers to how useful the data is to you.
, 2
Attacks - (answer)interception, interruption, modification, and
fabrication
Interception - (answer)attacks that allow unauthorized users to access your
data, applications, or environments. Are primarily attacks against
confidentiality
Interruption - (answer)attacks that make your assets unusable or unavailable
to you temporarily or permanently. DoS attack on a mail server, for example.
May also affect integrity
Modification - (answer)attacks involve tampering with our asset. Such attacks
might primarily be considered an integrity attack but could also represent an
availability attack.
Fabrication - (answer)attacks involve generating data, processes,
communications, or other similar activities with a system. Fabrication attacks
primarily affect integrity but could be considered an availability attack as well.
Risk - (answer)is the likelihood that an event will occur. To have risk there must
be a
threat and vulnerability.
Threats - (answer)are any events being man-made, natural or environmental
that could cause damage to assets.
Vulnerabilities - (answer)are a weakness that a threat event or the threat
agent can take advantage of.
, 3
Impact - (answer)takes into account the value of the asset being threatened
and uses it to calculate risk
Risk Management Process - (answer)Identify assets, identify threats, assess
vulnerabilities, assess risks, mitigate risks
Defense in Depth - (answer)Using multiple layers of security to defend your
assets.
Controls - (answer)are the ways we protect assets. Three different types:
physical, logical, administrative
Physical Controls - (answer)environment; physical items that protect assets
think locks, doors, guards, and, fences or environmental factors (time)
Logical Controls - (answer)Sometimes called technical controls, these protect
the systems, networks, and environments that process, transmit, and store our
data
Administrative Controls - (answer)based on laws, rules, policies, and
procedures, guidelines, and other items that are "paper" in nature. They are
the policies that organizations create for governance. For example, acceptable
use and email use policies.
Preparation - (answer)phase of incident response consists of all of the
activities that we can perform, in advance of the incident itself, in order to
better enable us to handle it.
Incident Response Process - (answer)1. Preparation
2. Detection and Analysis (Identification)
, 4
3. Containment
4. Eradication
5. Recovery
6. Post-incident activity: document/Lessons learned
Detection & Analysis - (answer)where the action begins to happen in our
incident response process. In this phase, we will detect the occurrence of an
issue and decide whether or not it is actually an incident, so that we can
respond appropriately to it.
Containment - (answer)involves taking steps to ensure that the situation does
not cause any more damage than it already has, or to at least lessen any
ongoing harm.
Eradication - (answer)attempt to remove the effects of the issue from our
environment.
Recovery - (answer)restoring devices or data to pre-incident state (rebuilding
systems, reloading applications, backup media, etc.)
Post-incident activity - (answer)determine specifically what happened, why it
happened, and what we can do to keep it from happening again.
(postmortem).
Identity - (answer)who or what we claim to be. Simply an assertion.
Authentication - (answer)the act of providing who or what we claim to be.
More technically, the set of methods used to establish whether a claim is true
WGU C836 FUNDAMENTALS OF INFORMATION
SECURITY OA EXAM QUESTIONS AND CORRECT
DETAILED ANSWERS ALREADY GRADED A+
Information Security - (answer)Protecting an organization's information and
information systems from unauthorized access, use, disclosure, disruption,
modification, or destruction.
Compliance - (answer)Requirements that are set forth by laws and
industry regulations.
CIA - (answer)Confidentiality, Integrity, Availability
Confidentiality - (answer)Refers to our ability to protect our data from those
who are not authorized to use/view it
Integrity - (answer)The ability to prevent people from changing your data in an
unauthorized or undesirable manner
Availability - (answer)Refers to the ability to access our data when we need it
Possession/Control - (answer)refers to the physical disposition of the media on
which the data is stored. (tape examples where some are encrypted and some
are not)
Authenticity - (answer)whether you've attributed the data in question to the
proper owner or creator. (altered email that says it's from one person when it's
not - violation of the authenticity of the email)
Utility - (answer)refers to how useful the data is to you.
, 2
Attacks - (answer)interception, interruption, modification, and
fabrication
Interception - (answer)attacks that allow unauthorized users to access your
data, applications, or environments. Are primarily attacks against
confidentiality
Interruption - (answer)attacks that make your assets unusable or unavailable
to you temporarily or permanently. DoS attack on a mail server, for example.
May also affect integrity
Modification - (answer)attacks involve tampering with our asset. Such attacks
might primarily be considered an integrity attack but could also represent an
availability attack.
Fabrication - (answer)attacks involve generating data, processes,
communications, or other similar activities with a system. Fabrication attacks
primarily affect integrity but could be considered an availability attack as well.
Risk - (answer)is the likelihood that an event will occur. To have risk there must
be a
threat and vulnerability.
Threats - (answer)are any events being man-made, natural or environmental
that could cause damage to assets.
Vulnerabilities - (answer)are a weakness that a threat event or the threat
agent can take advantage of.
, 3
Impact - (answer)takes into account the value of the asset being threatened
and uses it to calculate risk
Risk Management Process - (answer)Identify assets, identify threats, assess
vulnerabilities, assess risks, mitigate risks
Defense in Depth - (answer)Using multiple layers of security to defend your
assets.
Controls - (answer)are the ways we protect assets. Three different types:
physical, logical, administrative
Physical Controls - (answer)environment; physical items that protect assets
think locks, doors, guards, and, fences or environmental factors (time)
Logical Controls - (answer)Sometimes called technical controls, these protect
the systems, networks, and environments that process, transmit, and store our
data
Administrative Controls - (answer)based on laws, rules, policies, and
procedures, guidelines, and other items that are "paper" in nature. They are
the policies that organizations create for governance. For example, acceptable
use and email use policies.
Preparation - (answer)phase of incident response consists of all of the
activities that we can perform, in advance of the incident itself, in order to
better enable us to handle it.
Incident Response Process - (answer)1. Preparation
2. Detection and Analysis (Identification)
, 4
3. Containment
4. Eradication
5. Recovery
6. Post-incident activity: document/Lessons learned
Detection & Analysis - (answer)where the action begins to happen in our
incident response process. In this phase, we will detect the occurrence of an
issue and decide whether or not it is actually an incident, so that we can
respond appropriately to it.
Containment - (answer)involves taking steps to ensure that the situation does
not cause any more damage than it already has, or to at least lessen any
ongoing harm.
Eradication - (answer)attempt to remove the effects of the issue from our
environment.
Recovery - (answer)restoring devices or data to pre-incident state (rebuilding
systems, reloading applications, backup media, etc.)
Post-incident activity - (answer)determine specifically what happened, why it
happened, and what we can do to keep it from happening again.
(postmortem).
Identity - (answer)who or what we claim to be. Simply an assertion.
Authentication - (answer)the act of providing who or what we claim to be.
More technically, the set of methods used to establish whether a claim is true
