Thor Flashcards
Privacy by Design
- Proactive not reactive
- As default setting
- Embedded into design
- End-to-end security
- High priority
ransomware attack
Contact Legal department
trademark
it’s important to first conduct a trademark search. This is a critical step to ensure that the trademark you’re planning to use is not already registered or in use by another company.
What is the primary role of the confidentiality principle in information security
to prevent unauthorized disclosure of sensitive information
What is a common method for calculating the financial impact of a security breach on an organization?
Annual loss expectancy (ALE) is a commonly used method for calculating the financial impact of a security breach on an organization.
What is the primary difference between a vulnerability and an exploit?
A vulnerability is a weakness in a system, while an exploit is an intentional attack on that weakness.
PII
address is PII, but UserId isnt.
What is the most appropriate method to ensure data on the SSDs is completely unrecoverable?
The ATA Secure Erase command is designed specifically for the effective deletion of all data on SSDs.
Which of the following is the MOST effective method for de-identifying personal data?
Redacting data:
de-identifying personal data as it can still leave other potentially identifying information intact
Statistical techniques are considered to be the most effective methods for de-identifying personal data. Techniques can include noise addition, permutation, data swapping, and more complex methods like differential privacy.
What type of security policy would be MOST effective for protecting sensitive data in a cloud environment?
data classification policy
Which of these types of data destruction would we use to ensure there is no data remanence on our PROM, flash memory, and SSD drives?
Incinerating
Classification levels
CPSP
Confidential
Private
Sensitive
Public
Top secret
Secret
Confidential
Unclassified
Which of the following is the FIRST principle that should be considered when assessing and implementing secure design principles in network architectures?
Least privilege
Which of the following is the most important aspect of a cloud-native security strategy?
- Regularly performing security assessments and vulnerability scans of the cloud infrastructure
- Deploying security tools and technologies that are specifically designed for use in the cloud
- Ensuring that data is encrypted at rest and in transit
- Implementing strong passwords and multi-factor authentication for all cloud accounts
Deploying security tools and technologies that are specifically designed for use in the cloud
What is the MOST important step in the cryptography process?
Establishing trust between the sender and recipient: This step is incredibly important. It involves verifying the identities of the parties (authentication) and ensuring that they can be trusted.
Which of the following best describes the Graham-Denning model?
The Graham-Denning model is a framework for identifying and selecting appropriate security controls for an organization
Chinese wall model
Brewer and Nash model
Which of the following is the MOST effective method to prevent Spectre attacks?
Updating operating systems: Spectre is a hardware vulnerability that affects microprocessors that perform branch prediction.
This is because Spectre is a hardware vulnerability that exploits the speculative execution feature of microprocessors
Distance-Vector vs Link-State
Distance-vector: based on the distance and a vector (number of hops)
Link-state: build a topology database of the network
Link state routing protocols can assess the network’s state more holistically, taking into account factors like bandwidth and latency, rather than simply counting hops as distance vector protocols do.
Our networking department is recommending we use a baseband solution for an implementation. Which of these is a KEY FEATURE of those?
Baseband communication refers to a communication method in which data is sent over a single, dedicated line. This means that only one signal is transmitted at a time, with the entire bandwidth of the network cable being utilized. This differs from broadband communication, which allows multiple signals to be transmitted simultaneously by dividing the bandwidth into multiple channels.
What is a broadcast domain?
A broadcast domain is a logical division of a computer network, in which all nodes can reach each other by broadcast at the data link layer.
In simpler terms, a broadcast domain is a network segment where data is sent to every device in the network.
What is the primary purpose of a DMZ (Demilitarized Zone)?
to act as a buffer zone between the untrusted outside world (like the internet) and the trusted internal network (like a private corporate network).
Which of the following is NOT a common use case for DNP3 (Distributed Network Protocol 3) in cyber security?
Video surveillance, on the other hand, typically uses other protocols and technologies for transmission of video data over IP networks. The protocol that is often used is the Real Time Streaming Protocol (RTSP) rather than DNP3.
Which of the following is the MOST likely definition of Data Terminal Equipment (DTE)?
Data Terminal Equipment (DTE) refers to any device or equipment that is used to transmit and receive data over a network.
Which of the following is the BEST method for detecting errors in data transmission?
cyclic redundancy check (CRC)
While hash functions can be used to check the integrity of data, they are not typically used for detecting transmission errors.
One of our clients has asked us to review their wireless network security and make recommendations for improving authentication. What protocol is often used in wireless networks to authenticate users before granting access to network resources?
RADIUS (Remote Authentication Dial-In User Service) is a protocol that is often used in wireless networks to authenticate users before granting them access to network resources. RADIUS servers receive user connection requests, authenticate the user, and then return the configuration information necessary for the device to deliver service to the user.
Which of the following is the MOST complex component of L2TP (Layer 2 Tunneling Protocol)?
Tunnel management is the process of establishing, maintaining, and terminating L2TP tunnels, which involves negotiation between the L2TP client and server, as well as handling any errors or issues that may arise during the tunnel’s lifetime.
Encapsulation is the process of wrapping data in a protocol-specific format to be transmitted over a network, which is a relatively straightforward process in L2TP.
What is the layer of the OSI model that is responsible for providing services to the application layer, such as data formatting and error checking?
The transport layer is responsible for providing services to the application layer, such as data formatting and error checking. This layer ensures that the whole message arrives intact and in order, overseeing both error correction and flow control.