Security & Risk Management
Asset Security
Security Engineering
Comms & Network Security
IAM
100

These three principles are considered the most important within the realm of security.

What is the CIA Triad?

100

It is the method of removing data which uses a strong magnetic field to erase media.

What is degaussing?

100

The cryptographic principle which provides assurance of what actions were performed by whom.

What is nonrepudiation?

100

The TCP service which by default communicates over port 25.

What is SMTP?

100

A biometric authentication system that comes with privacy concerns, because it can reveal medical conditions.

What are retina scans?

200

The weakest element in any security solution.

What is the human component?

200

The primary method to prevent disclosure of confidential or proprietary information by those who have access to the information.

What is an NDA?

200

The cryptographic principle that stands behind the idea that cryptographic algorithms should be open to public inspection.

What is Kerckhoffs's principle?

200

A network tool that can be used to protect the identity of clients while providing Internet access by accepting client requests, altering the source addresses of the requests, mapping requests to clients, and sending the modified requests out to their destination.

What is a proxy?

200

The best way to provide accountability for the use of identities.

What is logging?

300

The final step of quantitative risk assessment.

What is cost/benefit analysis?

300

The data role which bears ultimate organizational responsibility for data.

What is the data owner?

300

The cryptographic algorithm best known for its ability to securely exchange keys without pre-shared secrets.

What is Diffie-Hellman?

300

An exploitation where an attacker changes the domain name to IP address mappings of a system to redirect traffic to alternate systems.

What is DNS poisoning?

300

The service used to identify which certificates should not be honored even during their validity period.

What is a CRL?

400

Under the GDPR, the requirement for processing personal information which states that individuals may request that their data no longer be disseminated or processed.

What is the right to be forgotten?

400

When a computer is removed from service and disposed of, the process that ensures that all storage media has been removed or destroyed.

What is sanitization?

400

The best protection against unwanted electromagnetic transmissions being exploited as a vulnerability.

What is a Faraday Cage?

400

A scalable wide area network solution which makes use of packet-mode transmission and requires a DTE/DCE at each connection point.

What is Frame Relay?

400

A component of the Kerberos infrastructure that provides an authentication service and a ticket granting service.

What is the KDC or Key Distribution Center?

500

The code where an individual or business would look to find the text of an administrative law.

What is the Code of Federal Regulations?

500

The best way to secure data in transit.

What is TLS?

500

An attack in which the attacker exploits the difference in time between when a security control is verified and the data protected by the control is actually used.

What is TOCTOU?

500

Wireless network mode which can be used to directly connect two clients.

What is Ad Hoc mode?

500

A centralized access control technique that allows subjects to be authenticated only once on a system and access multiple resources without authenticating again.

What is SSO?