This type of attack occurs when an attacker obtains the bank account number and birth date by calling the victim.
What is Vishing
During the login process, your phone receives a text message with a one-time passcode.
What is something you have
These international standards provide information on privacy and managing PII.
What is ISO 27701
The ISO (International Organization for Standardization) 27701 standard extends the ISO 27001 and 27002 standards to include detailed management of PII (Personally Identifiable Information) and data privacy.
A security administrator is concerned about data exfiltration resulting from the use of malicious phone charging stations.
What technology would be the BEST way to protect against this threat?
What is USB data blocker
USB data blockers are physical USB cables that allow power connections but prevent data connections. With a USB data blocker attached, any power source can be used without a security concern.
This secure network protocol is best used for accepting customer purchases from your primary website.
What is HTTPS
This type of attack occurs when an attacker modifies a legitimate DNS server to resolve the IP address of a malicious site.
What is Spoofing
What is Something you know
This standard would be required to maintain payment information from customer credit cards.
What is PCI DSS
A company would like to protect the data stored on laptops used in the field. What solution would be the BEST choice for this requirement?
What is Self-Encrypting Drive (SED) or full-disk encryption
A SED (Self-Encrypting Drive) provides data protection of a storage device using full-disk encryption in the drive hardware.
This secure network protocol is best for synchronizing the time across all of your devices.
What is NTPsec
This type of attack occurs when an attacker intercepts all communication between a client and a web server.
What is On-path
You must sign a check-in sheet before entering a controlled area.
What is something you can do
This would come into play for companies requiring data protection and privacy standards within Italy, Germany, or France.
What is General Data Protection Regulation (GDPR)
This would be the BEST way to provide a website login using existing credentials from a third-party site.
What is Federation
Federation would allow members of one organization to authenticate using the credentials of another organization.
This secure network protocol is best for accessing your switch using a CLI terminal screen.
What is SSH
This type of attack occurs when multiple attackers overwhelm a web server.
What is Distributed Denial of Service (DDoS)
You can use your fingerprint to unlock the door to the data center.
What is Something you are
DAILY DOUBLE!!!
What is NIST RMF
DAILY DOUBLE!!
What is On-path
An on-path attack is often associated with a third party who is actively intercepting network traffic. This entity in the middle would not be able to provide a valid SSL certificate for a third-party website, and this error would appear in the browser as a warning.
This secure network protocol is best for talking with customers on scheduled conference calls.
What is SRTP
This type of attack occurs when a virus alert appears in your browser from Microsoft with a phone number to call for support.
What is Hoax
Your login will not work unless you are connected to the VPN.
What is somewhere you are
These international standards define risk management practices.
What is ISO 31000
A security engineer runs a monthly vulnerability scan. The scan doesn’t list any vulnerabilities for Windows servers, but a significant vulnerability was announced last week and none of the servers are patched yet. This is the BEST way to describe this result.
What is a false negative
A false negative is a result that fails to detect an issue when one actually exists.
This secure network protocol is best for gathering metrics from routers at remote sites.
What is SNMPv3