Security & Risk Management
These three principles are considered the most important within the realm of security.
What is the CIA Triad?
It is the method of removing data which uses a strong magnetic field to erase media.
What is degaussing?
The Cryptographic principle which provides assurance of what actions were performed by whom.
What is nonrepudiation?
The TCP Service which by default communicates over port 25.
What is SMTP?
A biometric authentication system that comes with privacy concerns, because it can reveal medical conditions.
What are retina scans?
The weakest element in any security solution.
What is the human compnent?
The primary method to prevent disclosure of confidential or proprietary information by those who have access to the information.
What is an NDA?
The cryptographic principle stands behind the idea that cryptographic algorithms should be open to public inspection.
What is Kerckhoff’s principle?
A network tool can be used to protect the identity of clients while providing Internet access by accepting client requests, altering the source addresses of the requests, mapping requests to clients, and sending the modified requests out to their destination.
What is a proxy?
The best way to provide accountability for the use of identities.
What is a logging?
The final step of quantitative risk assessment.
What is cost/benefit analysis?
The data roles which bears ultimate organizational responsibility for data
What is the data owner?
The cryptographic algorithm best known for its ability to securely exchange keys without pre-shared secrets.
What is Diffie-Hellman?
An exploitation where an attacker changes the domain name to IP address mappings of a system to redirect traffic to alternate systems.
What is DNS poisoning?
The service used to identify which certificates should not be honored even during their validity period.
What is a CRL?
Under the GDPR it is the requirement for processing personal information states that individuals may request that their data no longer be disseminated or processed.
What is the right to be forgotten?
When a computer is removed from service and disposed of, the process that ensures that all storage media has been removed or destroyed.
What is sanitization?
The best protection unwanted electromagnetic transmissions from being exploited as a vulnerability.
What is a Faraday Cage?
A scalable wide area network solution which makes use of packet-mode transmission and requires a DTE/DCE at each connection point.
What is Frame Relay?
A component Kerberos infrastructure that provides an authentication service and a ticket granting service.
What is the KDC or Key Distribution Center?
The Code where an individual or business would look to find the text of an Administrative law.
What is the Code of Federal Regulations
The best way to secure data in transit.
What is TLS?
An attack in which the attacker exploits the difference in time between when a security control is verified and the data protected by the control is actually used.
What is TOCTOU?
Wireless network mode which can be used to directly connect two clients.
What is Ad Hoc mode?
A centralized access control technique that allows subject(s)s to be authenticated only once on a system and access multiple resources without authenticating again.
What is a SSO?