Chapter 1

Question 1

Confidentiality

Answer 1

Prevents the unauthorized disclosure of data.

Question 2

Encryption

Answer 2

Scrambles data to make it unreadable by unauthorized personnel.

Question 3

PII

Answer 3

Personally identifiable information

Question 4

Access controls

Answer 4

Identification, authentication, and authorization combined provide access controls and ensure only authorized personnel can access data.

Question 5

Identification

Answer 5

User claims and identity with a unique username.

Question 6

Authentication

Answer 6

Users prove their identity with authentication such as with a password.

Question 7

Authorization

Answer 7

Access to a resource is granted or restricted by using an authorization methods such as permissions

Question 8

Steganography

Answer 8

Hiding data within data.

Question 9

Integrity

Answer 9

Provides assurances that the data has not been modified tampered with or corrupted. Hashing verifies integrity.

Question 10

Digital signatures

Answer 10

Can verify the integrity of emails and files. Did you know signatures require certificates and also provide after authentication and non-repudiation.

Question 11

Availability

Answer 11

Ensuring that data and services are available when needed.

Question 12

Redundancy

Answer 12

Provides duplication have critical systems or data.

Question 13

Fault tolerance

Answer 13

A system contains redundant components and can continue operating after experiencing a fault.

Question 14

Patching

Answer 14

The process of applying software updates to applications to ensure availability and security.

Question 15

Safety

Answer 15

Safety is a common goal of security. Examples include fencing, lighting, stronger locks, door access systems. Door locks typically fail open.

Question 16

Layered security

Answer 16

Combines multiple layers of security such as firewall intrusion detection systems content filtering and antivirus software.

Question 17

Risk

Answer 17

The likelihood that a threat will exploit of vulnerability.

Question 18

Identification

Answer 18

Occurs when a user claims and identity such as with a username or email address.

Question 19

Identity proofing

Answer 19

The process of verifying an individual is who he says he is prior to issuing him credentials.

Question 20

Factors of authentication

Answer 20

Something you know.
Something you have.
Something you are.
Some where you are.
Something you do. Gesture.

Question 21

Complex passwords

Answer 21

Use a mix of character types have a minimum password length of eight characters

Question 22

Before resetting passwords

Answer 22

Verify the users identity.

Question 23

Password history

Answer 23

Remembers the last few passwords have a user and prevents reuse.

Question 24

Minimum Password age

Answer 24

Prevents a user from changing your password for set time. Typically one day.

Question 25

Something you know

Answer 25

Typically a password or pin and the weakest form of authentication.

Question 26

Something you have

Answer 26

An item you can physically hold such a smart cards key fobs.

Question 27

Smart card

Answer 27

A credit card size card with the name bed is microchip and a certificate.

Question 28

CAC

Answer 28

Common access card. Smart card used by department of defense that has a picture of its user.

Question 29

PIV

Answer 29

Smart card used by federal agencies include photo identification and provides smartcard features.