WGU D430 fundamentals of information
security
Information security - Answers -Keeping data, software, and hardware secure against
unauthorized access, use, disclosure, disruption, modification, or destruction.
Compliance - Answers -The requirements that are set forth by laws and industry
regulations. Example: HIPAA/HITECH- healthcare, PCI/DSS- payment card industry,
FISMA- federal government agencies
CIA - Answers -The core model of all information security. Confidential, integrity and
availability
Confidential - Answers -Allowing only those authorized to access the data requested
integrity - Answers -Keeping data unaltered by accidental or malicious intent
Availability - Answers -The ability to access data when needed
Parkerian hexad model - Answers -Confidentiality, integrity, availability,
possession/control, authenticity, utility
Possession/ control - Answers -Refers to the physical disposition of the media on which
the data is stored
authenticity - Answers -Allows us to talk about the proper attribution as to the owner or
creator of the data in question
Utility - Answers -How useful the data is to us
Types of attacks - Answers -1- interception
2- interruption
3- modification
4- fabrication
Interception - Answers -Attacks allow unauthorized users to access our data,
applications, or environments. They are primarily an attack against confidentiality
Interruption - Answers -Attacks cause our assets to become unstable or unavailable for
our use, on a temporary or permanent basis. This attack affects availability but can also
attack integrity
Modification - Answers -Attacks involve tampering with our asset. Such attacks might
primarily be considered an integrity attack, but could also be an availability attack.
Fabrication - Answers -Attacks involve generating data, processes, communications, or
other similar activities with a system. Attacks primarily affect integrity but can be
considered an availability attack.
Risk - Answers -The likelihood that a threat will occur. There must be a threat and
vulnerability
Threat - Answers -Any event being man-made, natural or environmental that could
damage the assets
Vulnerabilities - Answers -Weakness that a threat event or the threat can take
advantage of
Impact - Answers -taking into account the assets cost
Controls - Answers -The ways we protect assets. Physical, technical/ logical, and
administrative
Physical controls - Answers -Controls are physical items that protect assets. Think of
locks, doors, guards and fences
Technical/ logical controls - Answers -Controls are devices and software that protect
assets. Think of firewalls, av, ids, and ips
Administrative controls - Answers -Controls are the policies that organizations create for
governance. Ex: email policies
Risk management - Answers -A constant process as assets are purchased, used and
retired. The general steps are 1- identify assets
2- identify threats
3- assess vulnerabilities
4- assess risk
5- mitigating risks
Identify assets - Answers -First and most important part of risk management. Identifying
and categorizing the assets we are protecting
Identify threats - Answers -Once we have our critical assets we can identify the threats
that might affect them
Assess Vulnerabilities - Answers -Look at potential threats. Any given asset may have
thousands or millions of threats that could impact it, but only a small fraction of the
threats will be relevant
Assess risks - Answers -Once we have identified the threats and vulnerabilities for a
given asset we can assess the overall risk
Mitigating risks - Answers -Putting measures in place to help ensure that a given type of
threat is accounted for
Incident response - Answers -Response to when risk management practices have failed
and have caused an inconvenience to a disastrous event
Incident response cycle - Answers -1- preparation
2- detection and analysis
3- containment
4- eradication
5- recovery
6- post incident activity
Preparation phase - Answers -The preparation phase consists of all of the activities that
we can perform in advance of the incident itself in order to better enable us to handle it
Detection and analysis phase - Answers -Where the action begins to happen. We will
detect the occurrence of an issue and decide whether or not it is actually an incident so
that we can respond
Containment phase - Answers -Taking steps to ensure that the situation does not cause
any more damage than it already has, or to at least lessen any ongoing harm.
Eradication phase - Answers -We will attempt to remove the effects of the issue from
our environment
Recovery phase - Answers -Recover to a better state than we were prior to the incident
or perhaps prior to when the issue started if we did not detect it immediately
Post incident activity phase - Answers -We attempt to determine specifically what
happened, why it happened, and what we can do to keep it from happening again.
Defense in depth - Answers -Layering of security controls is more effective and secure
than relying on a single control
Identity - Answers -Who or what we claim to be (username)
Authentication - Answers -The act of proving who or what we claim to be (password)
Identity verification - Answers -The half step between identity and authentication
(showing two forms of ID)