Testout Security Pro Flashcards

1
Q

3DES

A

Triple DES

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

AAA

A

Authentication, Authorization, Accounting

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Access Control

A

The ability to permit or deny the privileges that users have when accessing resources on a network or computer.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Access Control Auditing (or Access Control Accounting)

A

Maintaining a record of a subject’s activity within the information system.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Access Control Authentication

A

The process of validating a subject’s identity. It includes the identification process, the user providing input to prove identity, and the system accepting that input as valid.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Access Control Authorization

A

The granting or denying a subject’s access to an object based on the level of permissions or the actions allowed on the object.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Access Control Identification

A

Identifies the subject. Examples include a username or a user ID number.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Access Control Matrix

A

Provide an interface for implementing an ACL

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Access Control Object

A

Data, applications, systems, networks and physical space.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Access Control Policy

A

Defines the steps & measures that are taken to control access to objects by subjects.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Access Control Subjects

A

Users, applications or processes that need access to an object.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Access Control System

A

The access control system includes the policies, procedures, and technologies, that’re implemented to control a subject’s access to an object.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Account Lockout Threshold

A

Number of incorrect logon attempts that are allowed before the account is locked

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Account Locout

A

Disables a user account after a specified number of incorrect logon attempts

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Account Policies

A

Control the composition and use of passwords

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Account Restrictions

A

Allow login only during certain days/hours, only from specific computers

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

Accounting

A

Maintaining a record of a subject’s activity

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

activation mechanism

A

The virus only replicates when the activation mechanism is triggered.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

Active Directory

A

A directory service that uses a hierarchical database to store user accounts.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

Active Directory Object Attributes

A

Every active directory object has attributes that’re populated with values.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

AD Domain

A

Objects are grouped together into a domain, usually denoted by a triangle. Domains are identified by their DNS Namespace.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

Administrative Control

A

Policies that describe accepted practices

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

Administrive Access Control

A

Policies that describe accepted practices.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

AES

A

Advanced Encryption Standard

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
Q

Algorithm

A

Process or formula used to convert a message into its meaning

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
26
Q

Analytic Attack

A

Exploits a structural weakness in the algorithms

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
27
Q

Application (Layer 7)

A

Integrates network functionality into OS. (For example: proxy firewall, gateway services, etc)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
28
Q

ARM

A

Advanced RISC Machine

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
29
Q

Auditing

A

Maintaining a record of a subject’s activity

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
30
Q

Authentication

A

Users must prove that they are who they say they are

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
31
Q

Authentication

A

Validating a subject identity

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
32
Q

Authorization

A

Granting or denying a subject access

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
33
Q

Authorization

A

Process of controlling access to resources

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
34
Q

Authorization Table

A

Matrix of access control objects, subjects, and their associated rights

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
35
Q

Basic Encoding Rules (BER)

A

Original rules for encoding abstract info into a concrete data stream. Specifies a set of self-identifying & self-delimiting schemes which allow each data value to be identified, extracted & decoded individually.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
36
Q

BER

A

Basic Encoding Rules

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
37
Q

Birthday Attack

A

A brute force attack where the attacked hashes messages until one with the same hash is found.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
38
Q

Block cipher

A

Encrypts by transposing plain text in chunks (block-by-block).

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
39
Q

Brewer-Nash

A

Prevent conflicts of interest by dynamically adjusting access based on current activity

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
40
Q

Brute Force Attack

A

Attacker tries every known key combination

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
41
Q

Cat5

A

cable specifications

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
42
Q

Category 1 Active Directory Objects

A

Resources. (They can represent network resources, like printers.)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
43
Q

Category 2 Active Directory Objects

A

Security Principals, including users, computers and groups.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
44
Q

CBC

A

Cipher Block Chaining

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
45
Q

CFB

A

Cipher Feedback

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
46
Q

Cipher Text

A

Unreadable message

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
47
Q

Clark-Wilson

A

Controlled intermediary access applications that prevent direct access to the back-end database

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
48
Q

Class A

A

1.0.0.0 to 126.255.255.255

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
49
Q

Class B

A

128.0.0.0 to 191.255.255.255

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
50
Q

Class C

A

192.0.0.0 to 223.255.255.255

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
51
Q

Class D

A

224.0.0.0 to 239.225.225.225

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
52
Q

Class E

A

240.0.0.0 to 255.255.255.255

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
53
Q

Clipping level of 9

A

Account will be locked after 9 incorrect attempts

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
54
Q

Code Substitution

A

Hidden words with unrelated terms

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
55
Q

Collision

A

Two different messages produce the same hash value.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
56
Q

Collision Resistance

A

A hash algorithm’s ability to avoid the same output from two guessed inputs.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
57
Q

Compensative Access Control

A

Alternatives to primary access controls

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
58
Q

Computer Policies also called?

A

Machine Policies

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
59
Q

Confidentiality

A

Keep secrets a secret

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
60
Q

Connection-oriented

A

Reliable data transmissions

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
61
Q

Containment Rules

A

What types of objects can reside within other objects?

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
62
Q

Content Dependent Access Control

A

CDAC

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
63
Q

Context-based Access Control

A

CBAC

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
64
Q

Corrective

A

Implement short-term repairs to restore basic functionality following an attack

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
65
Q

Corrective Access Control

A

Implement short-term repairs to restore basic functionality following an attack

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
66
Q

Creeping privileges

A

Escalation of privilege

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
67
Q

Cryptanalysis Goal:

A

Retrieve as much info as possible

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
68
Q

Cryptography

A

Process of counseling messages

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
69
Q

Cryptology

A

Study of cryptography and cryptanalysis

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
70
Q

Cryptosystem

A

Associated items of cryptographic

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
71
Q

Cumulative Permissions

A

Access to more than one entity

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
72
Q

Cyptanalysis

A

Recovering original data that has been encrypted w/o key

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
73
Q

Cyptographer

A

Person who develops a converting plan

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
74
Q

DAC

A

Discretionary Access Control

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
75
Q

Data Link (Layer 2)

A

Defines rules and procedures for hosts as they access the Physical layer, including how multiple nodes share and coordinate the use of the same physical segment of the network.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
76
Q

Decryption

A

Procedure used to convert data from cipher text into plain text

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
77
Q

Defense in Depth

A

Layered defenses at each level.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
78
Q

Define Content Dependent Access Control

A

Protects databases that contains sensitive information from a breach of privacy

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
79
Q

Define Context-based Access Control

A

Mostly used to expand the decision-making capabilities of a firewall application

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
80
Q

Define Discretionary Access Control

A

Assigns access directly to subject based on decision of the owner. Manages access using identity

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
81
Q

Define Discretionary Access Control List

A

Implementation of discretionary access control

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
82
Q

Define Federated Access Control

A

Arrangement that can be made among multiple enterprises that lets subscribers use the same identification data to obtain access to the networks of all enterprises in the group

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
83
Q

Define Mandatory Access Control

A

Labels or attributes for subjects and objects

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
84
Q

Define Role-Based Access Control

A

Allows access based on a role in an organization

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
85
Q

Define Rule Set-Based Access Control

A

Characteristics of objects or subjects along with rules, to restrict access

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
86
Q

Define System Access Control List

A

Used by Microsoft for auditing to identify past actions performed by users on an object

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
87
Q

Define Task-Based Access Control

A

Individual work tasks assign privileges

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
88
Q

Define Temporal Role-Based Access

A

Allows for role-based access control rules to only be in effect fora certain time period

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
89
Q

Define View-based Access Control

A

Type of constrained user interface used to control a subject’s access

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
90
Q

Deny Permissions

A

Always override Allow permissions

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
91
Q

DES

A

Data Encryption Standard

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
92
Q

Detective

A

Search for details about the attack or the attacker

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
93
Q

Detective Access Control

A

Search for details about the attack or the attacker

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
94
Q

Deterrent

A

Discourage continued or escalations of attacks during an attack

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
95
Q

Deterrent Access Control

A

Discourage continued or escalations of attacks during an attack

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
96
Q

Dictionary Attack

A

Uses known words and common variations

97
Q

Directory Schema

A

A list of attributes. Attributes from these lists are glued together to compose an object.

98
Q

Directory Service

A

Example of a technical access control system that you use to manage and enforce access control policies.

99
Q

Discretionary Access Control List

A

DACL

100
Q

Domain Controllers

A

Holds a copy of the Active Directory database.

101
Q

ECB

A

Electronic Code Book

102
Q

Effective Permissions

A

Access rights are cumulative

103
Q

EIA/TIA 232

A

serial signaling

104
Q

Encryption

A

Process of using an algorithm to transform data from plain text to cipher text

105
Q

Enforce Password Complexity

A

Harder passwords

106
Q

Enforce Password History

A

Remember passwords so the user can’t re-use passwords

107
Q

Explicit Deny

A

Identifies users who are not allowed access

108
Q

File Integrity

A

The downloaded file is complete, not corrupted whilst downloading, same as original and not virus-ridden.

109
Q

FIM

A

Federated Access Control

110
Q

Flat File Database

A

Unstructured, local user accounts.

111
Q

Forests

A

A collection of trees that share a common global catalog and a common directory schema.

112
Q

GPO

A

Group Policy Object

113
Q

GPO affects

A

Only the location it is applied to

114
Q

GPOs can’t be linked

A

Built-In Containers

115
Q

Group

A

Object that identifies a set of users with similar access needs

116
Q

Hash

A

A function that takes a variable-length string, compresses it and transforms it into a fixed-length value.

117
Q

Hierarchical Database

A

Allows you to sort and organize your user accounts by location, function and department. Allows you to replicate it.

118
Q

High Amplification or The Avalanche Effect

A

A small change in the message results in a big change in the hashed value.

119
Q

HMAC

A

Keyed-hash Message Authentication Code

120
Q

IDEA

A

International Data Encryption Algorithm

121
Q

Identification

A

Identifies the subject

122
Q

Implicit Deny

A

Users are denied access unless they have been granted access

123
Q

In-Band Distribution

A

Uses mechanisms such as the following to distribute the key:

124
Q

Initialization Vector

A

Seed value used in encryption

125
Q

Integrity

A

Ensures that information is not corrupted or altered

126
Q

Interface ID

A

The last 64-bits.

127
Q

IP address

A

Layer 3 address that is logically assigned to a host.

128
Q

IPv4

A

A 32-bit binary number between 0 and 255, represented as four octets (four 8-bit numbers.)

129
Q

IPv6

A

128-bit binary number

130
Q

IPv6 Prefix

A

The first 64-bits.

131
Q

IV

A

Initialization Vector

132
Q

IV

A

Initialization Vector

133
Q

Job Rotation

A

Staff are cross trained in different areas

134
Q

Key

A

Variable in a cipher used to encrypt/decrpt a message

135
Q

Key Cluster Attack

A

Occurs when different keys produce the same cuphertext

136
Q

Key Space

A

Typically short, ranging from 56-bits to 512-bits.

137
Q

Keystream

A

A sequence of bits which is used for encryption.

138
Q

Keystream Generator

A

Produces long streams of bits with no patterns.

139
Q

MAC

A

Mandatory Access Control

140
Q

MAC address

A

Layer 2 address that’s physically assigned in the firmware of the NIC.

141
Q

MAC Classification Labels

A

Assigned to objects by the owner

142
Q

MAC Clearance Labels

A

Assigned to subjects

143
Q

Macro virus

A

A virus that takes advantage of application programs that use macros to automate repetitive functions.

144
Q

Man-in-the-Middle

A

Attacker gets between two communicating parties

145
Q

Mandatory Access Control (MAC)

A

MAC uses labels or attributes for both subjects and objects. Any operation by any subject on any object will be tested against a set of authorization rules to determine if the operation is allowed.

146
Q

Maximum Password Age

A

Forces users to change the password after the specified time interval

147
Q

MD5

A

Developed by RSA.

148
Q

Member servers

A

When a server joins the Active Directory domain, it becomes a member, but it doesn’t have a copy of the domain database.

149
Q

Minimum Password Age

A

Prevent users from changing passwords too soon

150
Q

Minimum password age set to 2

A

Users cannot change the password for 2 days.

151
Q

Multipartite Virus

A

A virus that is a combination of multiple attacks.

152
Q

Need to Know

A

Only allowed access if you need to know/use

153
Q

Network (Layer 3)

A

Describes how data is routed across networks and on to the destination.

154
Q

Network Address Translation (NAT)

A

Translates multiple private addresses into the single registered IP address.

155
Q

Network Interface Cards (NICs)

A

Contain the MAC address and performs at Data Link layer.

156
Q

Non-Discretionary Access Control

A

Prevents users from determining the read/white/execute rights for a file

157
Q

Not an impotent aspect of password management

A

Enable account lockout

158
Q

Object

A

Data, application, systems, networks, physical space

159
Q

objective

A

The virus is programmed with this, which is usually to destroy, compromise, or corrupt data.

160
Q

OFB

A

Output Feedback

161
Q

One-time Pad

A

Method in which the plain text is converted to binary and combined with a string of randomly generated binary numbers

162
Q

Order of GPOs

A

Local Group Policy, GPOs Linked to the domain, GPOs linked to the OU

163
Q

Organizational Unit (OU)

A

Objects within a single domain being organized into OU’s.

164
Q

OSI Model

A

Open Systems Interconnection is a theoretical, 7-layer construct to explain how networking works.

165
Q

Out-of-Band Distribution

A

Involves manually distributing the key.

166
Q

Password Aging

A

Password only valid for a set time

167
Q

Password Complexity

A

Prevents using passwords that are easy to guess or easy to crack

168
Q

PES

A

Proposed Encryption Standard

169
Q

PGP

A

Pretty Good Privacy

170
Q

Physical (Layer 1)

A

Sets standards for sending and receiving electrical signals between devices.

171
Q

Physical Access Control

A

Restricts physical access

172
Q

Physical Control

A

Restrict physical access

173
Q

PKI Attack

A

Attack attempts to trick a user into accepting a fake or spoofed certificate

174
Q

Plain Text

A

Readable Message

175
Q

Prefix Length

A

Identifies the number of bits in the relevant portion of the prefix

176
Q

Presentation (Layer 6)

A

Presents data into compatible form.

177
Q

Preventive

A

Deter intrusion or attacks

178
Q

Preventive Access Control

A

Deter intrusion or attacks

179
Q

Preventive Access Control

A

Deter intrusion or attacks.

180
Q

Principle of Least Privilege

A

Users/Groups are only given access to what they need for their job, nothing more

181
Q

Quantum Cryptography

A

Uses a series of photons to encrypt and send messages

182
Q

RBAC

A

Role-Based Access Control

183
Q

RC2

A

Ron’s Code v2 or Ron’s Cipher v2

184
Q

RC4 (aka Ron’s Code v4 or Ron’s Cipher v4.)

A

The most frequently used symmetric-key stream ciphers.

185
Q

RC4

A

Ron’s Code v4 or Ron’s Cipher v4

186
Q

RC5

A

Ron’s Code v5 or Ron’s Cipher v5

187
Q

Recovery

A

Restore the system to normal operations after the attack

188
Q

Recovery Access Control

A

Restore the system to normal operations after the attack and short-term stabilization period.

189
Q

replication mechanism

A

A file that the virus uses as a host.

190
Q

RIPEMD

A

Developed by COSIC. Generates 128, 160, 256, or 320 bits.

191
Q

RJ45

A

connector specifications

192
Q

Round

A

Data going through one substitution and transposition process.

193
Q

RSBAC (RBAC)

A

Rule Set-Based Access Control

194
Q

SAM Account Name

A

Every user needs a unique name.

195
Q

SAMAccountName

A

You can have users with the exact same names, as long as they’re in different domains.

196
Q

Sanitization

A

Process of cleaning a devices by having all data removed

197
Q

Secure logon credential exchange

A

The password is used as the key to perform a hash on a challenge text value, and only the hashed value is passed… not the password. The receiving host use the same method to compare.

198
Q

Security Principal

A

Object that can be given permission to an object

199
Q

Self Service Password Management

A

Let the user be able to admin their passsword

200
Q

Separation of Duties

A

Having more than one person to complete a task

201
Q

Session (Layer 5)

A

Manages sessions in which data is transferred.

202
Q

SHA-1

A

Developed by NIST and NSA. Generates 160 bits.

203
Q

Side-Channel Attack

A

Tries to exploit information about the physical implementation f a cryptosystem

204
Q

Star property of Bell-LaPadula

A

No write down

205
Q

Statistical Attack

A

Exploits weakness in the design of a cryptosystem

206
Q

Stealth Virus

A

A virus that resides in a low-level system service functions where they intercept system requests and alter service outputs their presence.

207
Q

Steganography

A

Process of hiding messages

208
Q

Stream ciphers

A

Encryption is performed on each bit within the stream in real time.

209
Q

Subject

A

Needs access to objects

210
Q

Subjects

A

Users, applications, processes.

211
Q

Subnet Mask

A

32-bit number associated with each IPv4 address

212
Q

Substitution Cipher

A

Replaces one set of characters with symbols or another character set

213
Q

Switch

A

Operates at Data Link layer by reading the MAC address in a frame to make forwarding decisions.

214
Q

Symmetric-Key Encryption

A

A form of cryptography that provides confidentiality with a weak form of authentication or integrity. It uses only one key to encrypt & decrypt data.

215
Q

System Access Control List

A

SACL

216
Q

Task-Based Access Control

A

TBAC

217
Q

Technical Access Control

A

Computer Mechanisms that restrict access.

218
Q

Technical Control

A

Computer mechanisms that restrict access

219
Q

Temporal Role-Based Access

A

TRBAC

220
Q

The AAA of Access Control

A

Authentication. authorization and auditing.

221
Q

Transitive Two-Way Trusts

A

Lets us have other users over

222
Q

Transmission Control Protocol (TCP)

A

Provides services that ensure accurate and timely delivery of network communications between two hosts. TCP is connection-oriented.

223
Q

Transport (Layer 4)

A

TCP and UDP.

224
Q

Transposition Cipher

A

Changes the position of characters in the plain text

225
Q

Tree

A

A collection of one or more domains that exsist within the same DNS Namespace.

226
Q

User Datagram Protocol (UDP)

A

Provides services of network communications between two hosts. UDP is connectionless.

227
Q

V.35

A

modem signaling

228
Q

View-based Access Control

A

VBAC

229
Q

Virus

A

A program that attempts to damage a computer system and replicate itself to other computer systems.

230
Q

What are key components of risk management?

A

Reduce the risk for an attack

231
Q

What are the three entities of access control?

A

Objects, subjects and system.

232
Q

What are the three main goals of the CIA of Security?

A

Confidentiality

233
Q

What are three advantages of Hierarchical Databases?

A

Organization, delegation of administrator responsibilities, and replication.

234
Q

What are three types of threat agents?

A

Employee

235
Q

What challenges does a security professional face?

A

Sophistication - Complication of attacks

236
Q

What is the difference between integrity and non-repudiation?

A

Integrity keeps the item fully in-tack and not messed with, non-repudiation always givens authentication

237
Q

What process provides confidentiality by converting data into a form that it is unlikely to be usable by an unintended recipient?

A

Encryption

238
Q

Which security expression refers to verifying that someone is who they say they are?

A

Authentication

239
Q

WPA2

A

WiFi Protected Access 2