(2) Encryption and the Protection of Important Data Flashcards

1
Q

Why is it important to know when data is encrypted and when it is unencrypted?

A

It is important because sometimes data that was originally sent securely ends up being unencrypted at some point during the transfer process.

If the data becomes unencrypted later on, it is then vulnerable and defeats the purpose of encryption in the first place.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What are the major parts of Public Key Infrastructure (PKI)?

A

The major parts of Public Key Infrastructure are:

Certificate Authority

Registration Authority

A directory that stores keys

A policy of certification that has the practices and procedures the PKI utilizes and which is also used to validate that the PKI is trustworthy

A management system that supports access to certificates and their delivery

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What is a Certificate Revocation List (CRL)?

A

A CRL allows certificate authorities to make certificates invalid before the certs expire if they are canceled or compromised.

The purpose of a CRL is to help guarantee that the certs can’t be trusted anymore are revoked.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What are Secure Sockets Layer (SSL) Inspection devices?

A

An SSL inspection device involves putting a device between two connecting points, or by intercepting HTTPS or other connections. Then the connection needs to be terminated at the inspection device or computer and then pushing the connection on to the original destination.

The purpose of this setup is to watch traffic while keeping the data encrypted on both ends of the connection

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What type of environment does SSL inspection allow for?

A

SSL inspection allows traffic that would normally not be able to be inspected to be scanned by Intrustion Prevention Systems (IPS) and Data Loss Prevention (DLP) solutions

Command and control traffic can also be identified due to this type of system

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What is the risk involved with an SSL inspection device or system?

A

The danger with an SSL inspection system or device is that it exposes sensitive traffic to the internet, which means that an attacker or malicious insider could access the data if they were able to access the SSL inspection service

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What are Data Loss Prevention (DLP) systems?

A

DLP systems try to protect data from being take out of the systems when it should be within the org.

It does its best to protect data at rest, in use, and endpoint systems where data can be used or stored.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What type of data is considered Card Holder Data (CHD)?

A

CHD includes Primary Account Number (PAN), cardholder name, and expiration date

This also includes sensitive authentication data, CVV (Card Verification Code), data in the magnetic stripe and chip, and a PIN

Also called PCI data

How well did you know this?
1
Not at all
2
3
4
5
Perfectly