Wgu D430 Fundamentals Of Information Security Study Guide Graded A+

Tools we need to defend our network {Ans: Network segmentation, firewalls, IDS/IPS , wireless secure protocols, VPNs, secure protocols, MDM, port scanners , packet sniffers, honeypots}Mandatory Access Control (MAC) {Ans: The most restrictive access control model, typically found in military settings in which security is of supreme importance.}CSRF {Ans: Cross-Site Request Forgery is an attack that causes an end user to execute unwanted actions on a web application in which he or she is currently authenticated. Unlike with XSS, in CSRF, the attacker exploits the website's trust of the browser rather than the other way around. The website thinks that the request came from the user's browser and was actually made by the user. However, the request was planted in the user's browser}Identification of critical information {Ans: 1st step in the OPSEC process, arguably the most important: to identify the assets that most need protection and will cause us the most harm if exposed}Role-Based Access Control (RBAC) {Ans: An access control model that bases the access control authorizations on the roles (or functions) that the user is assigned within an organization}risk mamagement {Ans: A constant process as assets are purchased, used and retired. The