Information Technology > QUESTIONS & ANSWERS > WGU C836 Fundamentals of Information security Terms, Exam Questions and answers, verified. Rated A (All)

WGU C836 Fundamentals of Information security Terms, Exam Questions and answers, verified. Rated A+

Document Content and Description Below

WGU C836 Fundamentals of Information security Terms, Exam Questions and answers, verified. Rated A+ Protecting information and information systems from unauthorized access, use, disclosure, disru... ption, modification, or destruction - ✔✔-Information Security Companies that process credit card payments must comply with this set of standards - ✔✔-Payment Card Industry Data Security Standard (PCI DSS) Used to keep something private or minimally known - ✔✔-Confidentially Refers to the ability to prevent our data from being changed in an unauthorized or undesirable manner. - ✔✔-Integrity Refers to the ability to access our data when we need it - ✔✔-Availability A type of attack, primarily against confidentiality - ✔✔-Interception Something that has the potential to cause harm to our assets - ✔✔-Threat A weakness that can be used to harm us - ✔✔-Vulnerability The likelihood that something bad will happen - ✔✔-Risk An attack that causes our assets to become unusable or unavailable for our use, on a temporary or permanent basis - ✔✔-Interruption attack An attack that involves tampering with our assets - ✔✔-Modification attack A model that adds three more principles to the CIA triad: Possession or Control, Authenticity, and Utility - ✔✔-Parkerian hexad The physical disposition of the media on which the data is stored - ✔✔-possession or control Allows for attribution as to the owner or creator of the data in question - ✔✔-Authenticity Refers to how useful the data is to us - ✔✔-Utility An attack that involves generating data, processes, communications, or other similar activities with a system - ✔✔-Fabrication attack One of the first and most important steps of the risk management process - ✔✔-Identify assets A multilayered defense that will allow us to achieve a successful defense should one or more of our defensive measures fail - ✔✔-defense in depth Based on rules, laws, policies, procedures, guidelines, and other items that are "paper" in nature - ✔✔- administrative controls Sometimes called technical controls, these protect the systems, networks, and environments that process, transmit, and store our data - ✔✔-logical controls Controls that protect the physical environment in which our systems sit, or where our data is stored - ✔✔-physical controls Involves putting measures in place to help ensure that a given type of threat is accounted for - ✔✔- migrating risk The risk management phase that consists of all of the activities that we can perform in advance of the incident itself, in order to better enable us to handle it - ✔✔-preparation phase The risk management phase where we detect the occurrence of an issue and decide whether it is actually an incident so that we can respond to it appropriately - ✔✔-detection and analysis phase The risk management phase where we determine specifically what happened, why it happened, and what we can do to keep it from happening again - ✔✔-Post-incident activity phase To completely remove the effects of the issue from our environment - ✔✔-Eradication Taking steps to ensure that the situation does not cause any more damage than it already has, or at the very least, lessen any ongoing harm - ✔✔-Containment Restore to a better state (either to the state prior to the incident, or if we did not detect the problem immediately, prior to when the issue started) - ✔✔-recover Something that supports our claim to identity, either in our personal interactions or in computer systems, e.g. social security cards - ✔✔-Identity verification Authentication requirements help prevent this crime - ✔✔-Falsifying identification A set of methods we use to establish a claim of identity as being true - ✔✔-Authentication A password is an example of this type of factor - ✔✔-Something you know An iris scan is an example of this type of factor - ✔✔-Something you are A swipe card is an example of this type of factor - ✔✔-Something you have The time delay between your keystrokes is an example of this type of factor - ✔✔-Something you do Being at a specific terminal is an example of this type of factor - ✔✔-where you are Uses one or more authentication methods for access - ✔✔-multi-factor authentication An authentication mechanism in which both parties authenticate each other - ✔✔-mutual authentication Elements of a complex password - ✔✔-A password that is a combination of uppercase letters, lowercase letters, numbers, and symbols, such as punctuation marks Unique personal characteristics, such as fingerprints, used for identification purposes - ✔✔-Biometrics A stipulation that our chosen biometric characteristic should be present in the majority of people we expect to enroll in the system - ✔✔-Universality A measure of the differences of a particular characteristic among a group of individuals - ✔✔- Uniqueness How well a particular characteristic resists change over time and with advancing age - ✔✔-Permanence How easy it is to acquire a characteristic that we can later use to authenticate a user - ✔✔-collect ability A set of metrics that judge how well a given system functions - ✔✔-performance measurement A measure of how agreeable a particular characteristic is to the users of a system - ✔✔-acceptability Describes the ease with which a system can be tricked by a falsified biometric identifier - ✔✔- Circumvention The rate at which we accept users whom we should actually have rejected - ✔✔-False acceptance rate (FAR) The rate at which we reject legitimate users when we should have accepted them - ✔✔-False rejection rate (FRR) Enables us to determine what users are allowed to do - ✔✔-Authorization States that we should allow only the bare minimum access required in order for a given party (person, user account, or process) to perform a needed functionality - ✔✔-Principle of Least Privilege The act of doing something that is prohibited by a law or rule - ✔✔-violation An act that grants a particular party access to a given resource - ✔✔-allowing access An act that prevents a party from accessing something, such as logging on to a machine or entering the lobby of our building after hours - ✔✔-denying access An act that allows some access to a given resource, but only up to a certain point - ✔✔-limiting access A set of resources devoted to a program, process, or similar entity, outside of which the entity cannot operate - ✔✔-Sandbox The ability to remove access from a resource at any point in time - ✔✔-Revocation Typically built to a certain resource, these contain the identifiers of the party allowed to access the resource and what the party is allowed to do. - ✔✔-Access control lists (ACLs) In this method of security, a person's capabilities are oriented around the use of a token that controls their access (e.g. a personal badge) - ✔✔-Capability-based security A type of attack that is more common in systems that use ACLs rather than capabilities - ✔✔-The confused deputy problem A type of attack that misuses the authority of the browser on the user's computer - ✔✔-Cross-site request forgery (CSRF) A client-side attack that takes advantage of some of the page rendering features that are available in newer browsers - ✔✔-Clickjacking Access is determined by the owner of the resource in question - ✔✔-Discretionary access control (DAC) Similar to MAC in that access controls are set by an authority responsible for doing so, rather than by the owner of the resource. In this model, access is based on the role the individual is performing - ✔✔- Role-based access control (RBAC) Access is based on attributes (of a person, a resource, or an environment) - ✔✔-Attribute-based access control Attributes of a particular individual, such as height - ✔✔-Subject attributes Attributes that relate to a particular resource, such as operating system or application - ✔✔-Resource attributes Attributes that relate to environmental conditions, such as time of day or length of time - ✔✔- Environmental attributes Designed to prevent conflicts of interest; commonly used in industries that handle sensitive data. Three main resource classes are considered in this model: objects, company groups, and conflict classes. - ✔✔- The Brewer and Nash model A combination of DAC and MAC, primarily concerned with the confidentiality of the resource. Two security properties define how information can flow to and from the resource: the simple security property and the * property. - ✔✔-The Bell-LaPadula model [Show More]

Last updated: 1 year ago

Preview 1 out of 21 pages

Reviews( 0 )

Recommended For You

 Business> QUESTIONS & ANSWERS > CE Shop, CE Shop Final Exam Questions and Answers 100% Pass (All)

preview
CE Shop, CE Shop Final Exam Questions and Answers 100% Pass

CE Shop Final Exam Questions and Answers 100% Pass Blaire apparently hasn't learned her lesson. She paid a $5,000 penalty when MREC found her guilty of misrepresentation, a $10,000 penalty when she...

By Nutmegs , Uploaded: Jul 16, 2023

$11

 *NURSING> QUESTIONS & ANSWERS > NR 602/ NR602 MIDTERM EXAM QUESTIONS and 100% CORRECT ANSWERS. (All)

preview
NR 602/ NR602 MIDTERM EXAM QUESTIONS and 100% CORRECT ANSWERS.

Question 1. A Bethesda System Pap smear report that reads LSIL is most consistent with which classification Question 2. A single Pap smear reading of ASCUS in a patient negative for HPV infection...

By Tashaj , Uploaded: Jan 25, 2021

$10

 Art> QUESTIONS & ANSWERS > ILLUSTRATOR CC EXAM QUESTIONS AND ANSWERS GRADED A+ 2023 LATEST UPDATE (All)

preview
ILLUSTRATOR CC EXAM QUESTIONS AND ANSWERS GRADED A+ 2023 LATEST UPDATE

You are designing a mobile app to be used on smartphones, and you need to create graphics that can be used in the application/ Under which circumstances might you need to get permission to use a p...

By StudyMasters Hub , Uploaded: Oct 27, 2023

$12

 *NURSING> QUESTIONS & ANSWERS > NGN ATI BIO RESPIRATORY PRACTICE EXAM QUESTIONS AND ANSWERS 100% GUARANTEED SUCCESS LATEST UPDATE 2023/2024 RATED A+ (All)

preview
NGN ATI BIO RESPIRATORY PRACTICE EXAM QUESTIONS AND ANSWERS 100% GUARANTEED SUCCESS LATEST UPDATE 2023/2024 RATED A+

NGN ATI BIO RESPIRATORY PRACTICE EXAM QUESTIONS AND ANSWERS 100% GUARANTEED SUCCESS LATEST UPDATE 2023/2024 RATED A+ An infant with respiratory syncytial virus (RSV) is being admitted to the hosp...

By skpass , Uploaded: Jun 29, 2023

$16

 Law> QUESTIONS & ANSWERS > CLG 0010 DOD GOV. COM. PUR. CARD OVERVIEW EXAM Questions and Answers. (All)

preview
CLG 0010 DOD GOV. COM. PUR. CARD OVERVIEW EXAM Questions and Answers.

CLG 0010 DOD GOV. COM. PUR. CARD OVERVIEW EXAM Questions and answers, 2022 update, Rated A+ whose responsibility is it to comply with Government agency standards of conduct? (select the three tha...

By bundleHub Solution guider , Uploaded: Aug 28, 2022

$10.5

 Social Sciences> QUESTIONS & ANSWERS > BCBA Exam Questions and Answers 100% Pass (All)

preview
BCBA Exam Questions and Answers 100% Pass

BCBA Exam Questions and Answers 100% Pass stimulus class ✔✔any group of stimuli sharing a predetermined set of common elements in one or more of the following: physical features, temporally, & func...

By Nutmegs , Uploaded: May 10, 2023

$15

 Medical Studies> QUESTIONS & ANSWERS > CSEP CPT Exam Questions and Answers Latest Updated 2022 Rated A (All)

preview
CSEP CPT Exam Questions and Answers Latest Updated 2022 Rated A

what is the average stroke volume during exercise and at rest? Correct Answer-Rest: 70 mL/b Exercise: 120-190mL/b what is the average cardiac output at rest and during Exercise? Correct Answer-Rest:...

By clairel^ , Uploaded: Jan 20, 2023

$9

 Emergency Medicine> QUESTIONS & ANSWERS > NREMT Exam Questions and Answers/Explained 2023/2024. (All)

preview
NREMT Exam Questions and Answers/Explained 2023/2024.

National Registry of Emergency Medical Technicians: Emergency Medical Responder NREMT Exam Questions and Answers/Explained 2022. You arrive to find a 48 year old male complaining that his chest feel...

By Expert#1 , Uploaded: May 14, 2022

$16

 Risk Management and Insurance> QUESTIONS & ANSWERS > Property and Casualty insurance exam questions and answers already passed (All)

preview
Property and Casualty insurance exam questions and answers already passed

Property and Casualty insurance exam questions and answers already passed Insurance ✔✔The transfer of risk through a legal contract Property ✔✔Covers real property and personal property against dam...

By Nutmegs , Uploaded: Oct 30, 2022

$12

 Mathematics> QUESTIONS & ANSWERS > State Farm Estimates Exam Questions and Answers Rated A+ (All)

preview
State Farm Estimates Exam Questions and Answers Rated A+

The formula for determining the area of a trapezoid is: Select the single best answer: A. [(Base1 + Base2) ÷ 2] x Height B. ½ Base x Height C. Base x Height D. ???? (pi r squared) Ans- [(base1+ba...

By Native , Uploaded: Feb 11, 2023

$11

$11.00

Add to cart

Instant download

Can't find what you want? Try our AI powered Search

OR

GET ASSIGNMENT HELP
20
0

Document information


Connected school, study & course



About the document


Uploaded On

Mar 16, 2023

Number of pages

21

Written in

Seller


seller-icon
Topmark

Member since 1 year

65 Documents Sold


Additional information

This document has been written for:

Uploaded

Mar 16, 2023

Downloads

 0

Views

 20

Document Keyword Tags

THE BEST STUDY GUIDES

Avoid resits and achieve higher grades with the best study guides, textbook notes, and class notes written by your fellow students

custom preview

Avoid examination resits

Your fellow students know the appropriate material to use to deliver high quality content. With this great service and assistance from fellow students, you can become well prepared and avoid having to resits exams.

custom preview

Get the best grades

Your fellow student knows the best materials to research on and use. This guarantee you the best grades in your examination. Your fellow students use high quality materials, textbooks and notes to ensure high quality

custom preview

Earn from your notes

Get paid by selling your notes and study materials to other students. Earn alot of cash and help other students in study by providing them with appropriate and high quality study materials.


$11.00

WHAT STUDENTS SAY ABOUT US


What is Browsegrades

In Browsegrades, a student can earn by offering help to other student. Students can help other students with materials by upploading their notes and earn money.

We are here to help

We're available through e-mail, Twitter, Facebook, and live chat.
 FAQ
 Questions? Leave a message!

Follow us on
 Twitter

Copyright © Browsegrades · High quality services·