Policies To Protect Data (Chapter 7)

Question 1

Software tokens

Answer 1

A style of 2FA in which an external devices is promoted with a unique authentication code that allows the program to verify the correct user.
- prevents relay attacks

Question 2

Relay Attack

Answer 2

An attacker intercepts some authentication data and refuses it to try to re-establish a session

Question 3

Remote Authentication Dail-in User Service (RADIUS)

Answer 3

Form of AAA used to manage remote and wireless authentication infrastructure, used for users to remotely log in to network

Question 4

Terminal Access Controller Access Control System (TACACS+)

Answer 4

An alternative to RADIUS used for network administrator to remotely work with network devices

Question 5

Policies hierarchy

Answer 5

Enforced Policy
OU policy
Domain Policy
Site policy
Local policy

Question 6

ICM

Answer 6

Information Content Management
- the process of managing information over it’s lifecycle, from creation to deletion
Data is classified under sensitivity levels (unclassified, classified, confidential, secret and top secret) which will dictate how the data is handled

Question 7

PII

Answer 7

Personal Identifiable Information
Data that can be used to identify or contact an individual

Question 8

PHI

Answer 8

Protected Health information
- information that identifies someone as the subject to medical and insurance records

Question 9

PCI DSS

Answer 9

Protected Card Information Data Security Standard
- standard for organisations that process bank card payments

Question 10

ACL

Answer 10

Access Control List
- The permission attached to or configured on a network resource

Question 11

ACE

Answer 11

Access Control Entries
- within an ALC, the records of subjects and permissions they hold on the resources

Question 12

Encrypting File System

Answer 12

files and folders can be encrypted to ensure privacy of the data
- dive must be formatted with NTFS
- windows business

Question 13

FDE

Answer 13

Full Disk Encryption
- encryption of all data on a disk and stores the encryption key on the motherboard TPM chip
- needs to be enabled in UEFI and BitLocker used to set up full disk encryption

Question 14

DLP

Answer 14

Data Loss Prevention
Software that can identify data that has been classified and apply fine-grained user privileges to it

Question 15

Incident Response lifecycle

Answer 15

1) Preparation
2) Detection & Analysis
3) Containment Eradication & Recovery
4) Post-incident activities

Question 16

CSIRT

Answer 16

Computer Security Incident Response Team
- Team responsible for incident Response by providing a range of decisions and technical skills needed.