





D430- Fundamentals of Information Security Questions with Accurate Answers
Typology: Exams
Asymmetric Cryptography correct answer a public key and private key. The public key is used to encrypt data sent from the sender to the receiver and is shared with everyone. Private keys are used to decrypt data that arrives at the receiving end and are very carefully guarded by the receiver (aka public key cryptography).

Asymmetric Key Algorithms correct answer
Secure Sockets Layer (RSA): SSL, to secure transactions like web and e-mail traffic
Elliptic Curve Cryptography (ECC): can secure all browser connections to the web servers
Pretty Good Privacy (PGP): securing messages and files
Transport Layer Security (TLS)

Attack Types- Fabrication correct answer attacks that create false information

Attack Types- Interception correct answer an attacker has access to data, applications, or environment

Attack Types- Interruption correct answer attacks cause our assets to become unusable or unavailable

Attack Types- Modification correct answer attacks involve tampering with our asset
Authentication correct answer verifying that a person is who they claim to be
Something you know: PIN
Something you have: swipe card
Something you are: fingerprint
Somewhere you are: geolocation
Something you do: handwriting

Authenticity correct answer allows us to talk about the proper attribution as to the owner or creator of the data in question

Availability correct answer for ones AUTHORIZED to ACCESS data when needed

Availability correct answer the ability for those authorized to access data when needed

CIA Triad correct answer Confidentiality, Integrity, Availability

Confidentiality correct answer allowing only those authorized to access the data requested

Confidentiality correct answer WHO can access the data

COPPA (Children's Online Privacy Protection Act) CO stands for "children online" correct answer Requires websites to protect information of children under 13 years of age
-Hashes are very useful when distributing files or sending communications, as the hash can be sent with the message so that the receiver can verify its integrity.

HIPAA (Health Insurance Portability and Accountability Act) HI stands for "health insurance" correct answer Protects an individual's medical records.

HITECH TECH means technology correct answer Privacy laws related to electronic transmission of health information under HIPAA.

Honeypots correct answer detect, monitor, and sometimes tamper with the activities and vulnerabilities of an attacker.
-May sometimes make false vulnerabilities for potential attackers in order to gather information about attacker patterns.

Integrity correct answer keeping data unaltered in an unauthorized manner and reliable

Integrity correct answer keeping the data UNALTERED

IPsec (Internet Protocol Security) and SSL VPN (Secure Sockets Layer Virtual Private Network) correct answer technologies that can be used to secure the connection between two devices. They can be used to establish a secure, encrypted tunnel between devices, which can be used to protect data in motion.
Least Privilege correct answer giving the bare minimum level of access it needs to perform its job/functionality

Packet Filtering correct answer a technique used by a firewall to allow/block certain types of network traffic based on the IP, port, and protocol being used

Packet Sniffers correct answer a technique used by attackers to intercept and read network traffic. It allows an attacker to see the data that is being sent over a network.
-Wireshark: GUI packet analyzer tool capable of capturing and analyzing network traffic
-Tcpdump: this command-line packet sniffing tool runs on Linux and UNIX OS

Parkerian hexad correct answer Confidentiality, Integrity, Availability, Possession, Authenticity, Utility

PCI DSS (Payment Card Industry Data Security Standard) C stands for "credit card" correct answer A set of policies and procedures intended to optimize the security of credit, debit, and cash transactions and protect cardholders against misuse of their personal information.

Port Scanners correct answer a software-based utility. They are a security tool designed to search a network host for open ports on a TCP/IP-based network.
-Nmap: network mapper, used to scan ports, search for hosts on the network, and other operations.

Possession correct answer physical disposition of the media on which the data is stored
AES: uses three different ciphers: one with a 129-bit key, one with a 192-bit key, and one with a 256-bit key, all having a block length of 128 bits.

The Fabrication attack type most commonly affects which principle(s) of the CIA triad?
A Integrity and Availability
B Confidentiality and Integrity
C Availability
D Integrity
E Confidentiality
correct answer (A) Integrity and Availability because most of the time they're impacting data

The Interception attack type most commonly affects which principle(s) of the CIA triad?
A Integrity and Availability
B Confidentiality and Integrity
C Availability
D Integrity
E Confidentiality
correct answer (E) ONLY Confidentiality

The Interruption attack type most commonly affects which principle(s) of the CIA triad?
A Integrity and Availability
B Confidentiality and Integrity
C Availability
D Integrity
E Confidentiality
correct answer (A) Integrity and Availability because most of the time they're impacting data

The Modification attack type most commonly affects which principle(s) of the CIA triad?
A Integrity and Availability
B Confidentiality and Integrity
C Availability
D Integrity
E Confidentiality
correct answer (A) Integrity and Availability because most of the time they're impacting data

Threat correct answer something that has potential to cause harm

Utility correct answer how useful the data is to us