1. CIA Triad:
   - Confidentiality - allowing only those authorized to access the data requested
   - Integrity - keeping data reliable and unaltered by unauthorized means
   - Availability - the ability for those authorized to access data when needed
2. Parkerian Hexad: Confidentiality, Integrity, Availability, plus:
   - Possession - physical disposition of the media on which the data is stored
   - Authenticity - allows us to talk about the proper attribution as to the owner or creator of the data in question
   - Utility - how useful the data is to us
3. Attack Types:
   - Interception
   - Interruption
   - Modification
   - Fabrication
4. Interception: an attacker has access to data, applications or environment
5. Interruption: attacks cause our assets to become unusable or unavailable
6. Modification: attacks involve tampering with our asset
7. Fabrication: attacks that create false information
8. Threat: something that has potential to cause harm
9. Vulnerability: weaknesses that can be used to harm us
10. Something you know: username, password, PIN
11. Something you have: ID badge, swipe card, OTP
12. Something you are: fingerprint, iris, retina scan
13. Somewhere you are: geolocation
14. Something you do: handwriting, typing, walking
15. Authentication: verifying that a person is who they claim to be
16. Mutual authentication: Both parties in a transaction authenticate each other
   - Has digital certificates
   - Prevents man-in-the-middle attacks
   - A man-in-the-middle attack is where the attacker inserts themselves into the traffic flow
   - Ex. Both the PC and server authenticate each other before data is sent in either direction

WGU Fundamentals of Information Security D430

17. Risk management process:
   1. Identify Asset - identifying and categorizing assets that we're protecting
   2. Identify Threats - identify threats
   3. Assess Vulnerabilities - look for impacts
   4. Assess Risk - assess the risk overall
   5. Mitigate Risk - ensure that a given type of threat is accounted for
18. Incident response process:
   - Preparation
   - Detection and Analysis (Identification)
   - Containment
   - Eradication
   - Recovery
   - Post-incident activity
19. Preparation: the activities that we can perform in advance of the incident itself in order to better enable us to handle it.
20. Detection and Analysis (Identification): detect the occurrence of an issue and decide whether or not it is actually an incident so that we can respond appropriately to it.
21. Containment: involves taking steps to ensure that the situation does not cause any more damage than it already has, or to at least lessen any ongoing harm
22. Eradication: attempt to remove the effects of the issue from our environment
23. Recovery: restoring devices or data to pre-incident state (rebuilding systems, reloading applications, backup media, etc.)
24. Post-incident activity: determine specifically what happened, why it happened, and what we can do to keep it from happening again (postmortem).
25. Authorization: what the user can access, modify, and delete
26. Least Privilege: giving a party only the bare minimum level of access it needs to perform its job/functionality
27. Access Control:
   - Allowing - lets us give a particular party access to a given source
   - Denying - opposite of gaining access
   - Limiting - allowing some access to our resource, only up to a certain point
   - Revoking - takes access away from former user