Government/Law/Ethics
Authentication/Access Control
Threats/Attacks/Vulnerabilities
Policies/Disaster Recovery
Potpourri
100

This Privacy Act applies to the US executive branch only.

What is the Federal Privacy Act

100

This is an effective line of defense against social engineering.

What is authentication

100

Concept that means security devices are layered in a series that prevents, detects, and responds to attacks on systems.

What is defense in depth

100

Something done on policies, standards, procedures, and guidelines annually.

What is reviewed

100

The default of an automatically locking door from the outside in can be to lock. The default of an automatically locking door from the inside out must be unlocked. Why is this the case?

What is because people need to get out of the room in case of an emergency.

200

An area of support that is responsible for being the liaison to internal and external entities on info sec matters.

What is Governance & Compliance

200

Checks access rights and grants access to resources

What is access control

200

Security problems related to spam and phishing come through what service?

What is email

200

The basic component of a policy that states where, how, when, to whom and to what it applies.

What is applicability

200

The weakest link in information security.

What are people

300

A law that allows an individual to request US government information

What is the Freedom of Information Act (FOIA)

300

Authentication strategy using a fingerprint is an example 

Something you are 

300

Redirecting a user from a legit site to a malicious site to get user IDs and passwords.

What is Pharming

300

Shared-site, hot site and alternate site

What are Disaster recovery strategies

300

Balancing risk, objectives, and costs is important in creating this.

What is an enterprise information security plan.

400

These logs should be used as an audit trail

What are event logs

400

A list of access rights for each file, where each entry identifies a specific user and contains a list of access rights for that user

What is an access control list (ACL)

400

Relativistic security decisions use this as an example

The hunter's dilemma

400

Security policies that are so common that they aren't usually written.

What is informal policy

400

These can use packet, session and application filtering mechanisms 

What are firewalls

500

Potpourri - This must be unique on a network and is associated with a network interface card.

What is a MAC address

500

A group of computers controlled by one or more people and used to perpetrate a large-scale attack

What are botnets

500

A mistake in software that can be directly used by a hacker to gain access to a system or network

What is a vulnerability

500

Cold, hot, and warm sites

What are alternate sites

500

192.168.1.1 for example

What is an IPv4 address
