General Security 2

Question 1

What is Technical Change Mangement

Answer 1

• Actual change management process
• Performed by technical team
• Concerned with “how” to change

Question 2

What is PKI?

Answer 2

• Public Key Infrastructure
• System of hardware, software, policies and standarts that work together to manage, and distribute digital certificates and public keys

Question 3

What is Key Escrow?

Answer 3

• Key storage management
• By third party or within an organization

Question 4

Which stored Data can be encrypted?

Answer 4

• SSD
• Hard Drive
• USB Drive
• Cloud Storage

Question 5

What is Full Disk and Volume Level Encryption?

Answer 5

Full Disk
* Encrypts entire contents of storage device

Volume level
* Encrypts specific volumes or partitions

Question 6

Which Programs are used in Windows and Mac to volume/partition?

Answer 6

• Bit Locker
• FileVault

Question 7

Which program is used in Windows to encrypt single files?

Answer 7

EFS - Encrypting File System

Question 8

Which ways are there to Encrypt Data from a Database?

Answer 8

Transparent Encryption
* Encrypts all data from a database
Record Level Encryption
* Encrypts individual columns
* Use of seperate symmetric keys for each column

Question 9

How to transport Encryption?

Answer 9

Encrypting in the application
* Browsers can communicate using HTTPS

VPN (Virtual Private Network)
* Encrypts all data transmitted over the network,
regardless of the application
* Client-based VPN using SSL/TLS
* Site-to-site VPN using IPsec

Question 10

How to make encryption algorithms more secure?

Answer 10

Length of key

Key Stretching
* Perform encryption process multiple times
* Hash of Hash
* Brute Force attacks would need to decrypt all previous keys