Policies, laws and regulations
Risk mitigation
Provide infrastructure, application, operational and information security
CIA & AAA
Identify appropriate security technologies and products
100
This is the federal law that insurance companies (& others) must abide by to ensure confidentiality of ePHI.
What is HIPAA?
100

Providing information to users on how phishing emails are written.

What is user education/user training?

100

The process of securing a system by reducing its surface of vulnerability.

What is system hardening?

100
The practice of ensuring that those who are authorized to access information CAN access information.
What is "Availability"?
100

A type of malware that can encrypt information and hold the data hostage.

What is ransomware?

200
The international agreement (not worldwide) that encourages international cooperation to fight cybercrime.
What is the Budapest Convention?
200

The more complex replacement for passwords.

Passphrases

200
Verifies the integrity of DNS records.

What is DNSSEC?

200

Kerberos implemented in Windows domain environments.

What is the default authentication method?

200

Pupy

What is a RAT?

300

A public citizen or organization requesting a governmental organization's records.

What is a public records request?

300

The switch technology to obtain copies of other switch port information.

What is port mirroring?

300

The solution to implement to provide security and mitigate switch flooding.

What is Flood Guard?

300

The IETF standard for AAA.

What is RADIUS?

300

Refog

What is a keylogger?

400

The US federal law that protects children under 13 from targeted solicitation of information gathering practices and activities.

What is COPPA?

400

The single loss expectancy multiplied by the annual rate of occurrence.

What is the annual loss expectancy or ALE?

400

A popular network protocol analyzer.

What is Wireshark?

400

The Wi-Fi mode that can use a username, certificate, and a passphrase.

What is Enterprise mode (versus PSK)?

400

The object that has a combination of a public key, information about the identity of its owner, and a digital signature.

What is a Public Key Certificate?

500
A primary US federal law that makes "computer fraud" illegal across the internet.

What is CFAA?

500

Creating and implementing SOPs and personnel policies in an organization.

What is controlling risk?

500

A small, isolated network positioned between the Internet and the private network to protect a LAN.

What is a DMZ?

500

The algorithm to privately share a symmetric key between two parties.

What is Diffie-Hellman?

500

pfSense

What is a free and open-source firewall and router that also features a UTM and load balancing?