Module 2

Question 1

Security Controls

Answer 1

Safeguards designed to reduce specific security risks

Question 2

Types of security controls

Answer 2

Technical

Operational

Managerial

Question 3

Information Privacy

Answer 3

The protection of unauthorized access and distribution of data

Question 4

Principle of least privilege

Answer 4

The concept of granting only the minimal access and authorization required to complete a task or function

Question 5

Data Owner

Answer 5

The person that decides who can access, edit, use, or destroy their information

Question 6

Data Custodian

Answer 6

Anyone or anything thats responsible for the safe handling, transport, and storage of information

Question 7

Personably Identifiable Information (PII)

Answer 7

Any information that can be used to infer an individuals identity

Question 8

Cryptography

Answer 8

The process of transforming information into a form that unintended readers cant understand

Question 9

Algorithm

Answer 9

A set of rules used that solve a problem

Question 10

Cipher

Answer 10

An algorithm that encrypts information

Question 11

Cryptographic Key

Answer 11

A mechanism that decrypts ciphertext

Question 12

Brute Force Attack

Answer 12

A trial and error process of discovering private information

Question 13

Public Key Infrastructure (PKI)

Answer 13

An encryption framework that secures the exchange of information online

Question 14

Asymmetric Encryption

Answer 14

The use of a public and private key pair for encryption and decryption of data

Question 15

Symmetric Encryption

Answer 15

The use of a single secret key to exchange information

Question 16

PKI Process

Answer 16

Exchange of encrypted information

Establish trust using a system of digital certificates