This type of attack involves forwarding data at a later date or time.
What is a replay attack?
This client-server model provides mutual authentication and works on the basis of tickets
What is kerberos?
What is the public key of the recipient?
The purpose of hashing documents
What is data integrity?
What is time normalization?
In this attack, the victim receives the replies from a directed IP broadcast sent by a bad actor to a border router.
What is a smurf attack?
This model uses assertions and service and identity providers
What is SAML?
Diffie Hellman and Elliptic Curve Cryptography are these type of one-time keys
What are ephemeral keys?
This simple yet surprisingly still effective attack uses phrases like 1=1
What is SQL injection?
Recording all stages wherein evidence is collected and names of those who have handled it
What is the chain of custody?
This attack involves manipulating individuals into revealing sensitive information or providing physical access to secure areas.
What is social engineering, or an impersonation attack?
Presenting something you know, something you are, and something you have, for example
What is multi-factor authentication
This key sports a .cer file extension and is in the P7B format
What is the public key?
The small amount of risk left over after mitigation
What is residual risk?
This clause should be added to any contract with a cloud provider so evidence can be collected
What is a 'right to audit' clause?
This attack cannot be detected by AV, NIDS, NIPS, or SIEM systems.
What is a zero-day attack?
restricting access to network or application resources based on a user's defined attributes
This key provides non-repudiation
What is the private key?
This secure coding practice controls the data being entered into a web request form
What is input validation?
preventing someone under investigation from deleting evidence
What is legal hold?
This attack involves sending emails to high-level executives in a targeted company
What is a spear-phishing attack?
This works over HTTPS and authorizes devices, APIs, servers, and applications with tokens rather than credentials
What is OAuth?
This tool is considered fastest in determining certificate validity
What is OCSP?
US law protecting medical information
What is HIPAA?
This should be done before and after investigating forensic data to prove to the court the evidence was not tampered with
What is hash the data?