Missed Test Questions Dion Training Test 3 Flashcards
What is the focal point of Infrastructure as a Service?
IaaS, or infrastructure as a service, is on-demand access to cloud-hosted physical and virtual servers, storage and networking - the backend IT infrastructure for running applications and workloads in the cloud.
Purchasing a server in the cloud and installing an OS and software on it is considered infrastructure.
What is the focal point of Platform as a Service?
PaaS, or platform as a service, is on-demand access to a complete, ready-to-use, cloud-hosted platform for developing, running, maintaining and managing applications.
PaaS (Platform as a Service): PaaS products allow businesses and developers to host, build, and deploy consumer-facing apps.
What is Software as a Service?
SaaS, or software as a service, is on-demand access to ready-to-use, cloud-hosted application software.
What is SAML? How does it work?
Security Assertion Markup Language
- XML Based framework
- Uses SP (service provider) and IdP (identity provider) to provide authentication.
- Often paired with SOAP
- Provides SSO (single sign on) and federated identity management
- User Agent (typically a browser) requests resource from SP. SP forwards to IdP. IdP verifies user, and then sends them to requested resource
What is Data Minimization?
Data minimization means to only collect exactly what information is required to fulfill a specific purpose.
What is Data Masking?
Data masking can mean that all or part of a field’s contents are redacted, by substituting all character strings with x, for example.
What is Tokenization?
Tokenization means that all or part of data in a field is replaced with a randomly generated token.
The token is stored with the original value on a token server or token vault.
If necessary, tokenization is a reversible technique.
What is Data Anonymization?
Data anonymization is the process of removing personally identifiable information from data sets so that the people whom the data describe remain anonymous.
What is Sensitive Personal Information (SPI)?
According to the GDPR, information about an individual’s race or ethnic origin is classified as SPI.
SPI is information about a subject’s opinions, beliefs, and nature afforded specially protected status by privacy legislation.
It cannot be used to identify somebody or make any relevant assertions about health uniquely, it is neither PII nor PHI.
What containment technique is the strongest possible response to an incident?
Isolating the affected systems
What is enumeration?
Enumeration is defined as the process of extracting user names, machine names, network resources, shares, and services from a system.
What is Desktop as a Service?
Desktop as a Service (DaaS) provides a full virtualized desktop environment from within a cloud-based service. This is also known as VDI (Virtualized Desktop Infrastructure) and is coming in large enterprise businesses focused on increasing their security and minimizing their operational expenses.
What is a Rogue Anti-Virus?
Malicious software and internet fraud that misleads users into believing there is a virus on their computer and to pay money for a fake malware removal tool (that actually introduces malware to the computer).
It’s scareware that manipulates users through fear and a form of ransomware.
Is SMS encrypted?
Is it possible to encrypt SMS?
No
Yes, with a 3rd party application that supports it.
If a security scan finds a protocol running on an insecure port instead of its secure version, what should you do?
Change all devices that support the secure version to run on the secure port.
