D430 Fundamentals of Information Security - Set 2 - Part 1

Correct Answer: Deterrent controls

Deterrent controls are designed to discourage individuals from attempting to breach security systems by making it clear that security measures are in place and that consequences for violations exist.

Correct Answer: ECC

Elliptic Curve Cryptography (ECC) is a type of asymmetric cryptography that relies on the mathematical properties of elliptic curves. It is used for encryption, digital signatures, and key exchange, and offers comparable security with smaller key sizes compared to RSA.

Correct Answer: Phishing

Phishing is a social engineering attack where attackers pose as legitimate entities, typically through emails or websites, to trick individuals into revealing confidential information, such as passwords or credit card numbers.

Correct Answer: To require multiple methods of verifying a user’s identity

Multi-factor authentication (MFA) strengthens security by requiring users to provide multiple methods of verification, such as a password and a physical token, before accessing systems or data.

Correct Answer: Role-Based Access Control (RBAC)

Role-Based Access Control (RBAC) assigns access rights based on the roles that users hold within an organization, restricting access to resources based on the user's specific responsibilities.

Correct Answer: COPPA

The Children’s Online Privacy Protection Act (COPPA) protects the privacy of children under 13 years of age by regulating the collection of personal information from children by websites and online services.

Correct Answer: Stateful packet inspection firewall

A stateful packet inspection firewall tracks the state of active connections using state tables and makes decisions on whether to allow or block traffic based on the state of those connections.

Correct Answer: AES

The Advanced Encryption Standard (AES) is a symmetric block cipher that encrypts data in fixed-size blocks (typically 128 bits) and is widely used for securing sensitive data.

Correct Answer: Buffer overflow

A buffer overflow attack occurs when an attacker sends more data to a buffer than it can handle, causing it to overwrite adjacent memory and potentially allowing unauthorized access to the system.

Correct Answer: Eradication

The eradication phase of incident response is focused on identifying and completely removing the root cause of the security incident from the environment to prevent future occurrences.

Correct Answer: SHA

The Secure Hash Algorithm (SHA) is widely used for creating message digests, which are fixed-length representations of input data. SHA is commonly used to verify the integrity of data by comparing hash values.

Correct Answer: To reduce the attack surface and limit the spread of malware

Network segmentation involves dividing a network into smaller, isolated segments to reduce the attack surface, limit the spread of malware, and improve overall security.

Correct Answer: DNS Tunneling

DNS tunneling is an attack technique where DNS requests are manipulated to route traffic to an attacker’s server, allowing data exfiltration and remote command-and-control communication.

Correct Answer: FISMA

The Federal Information Security Management Act (FISMA) is a framework that ensures the protection of information systems in federal agencies by focusing on confidentiality, integrity, and availability.

Correct Answer: Detective control

Detective controls are designed to identify and report security incidents after they have occurred, enabling organizations to respond and mitigate the impact.

Correct Answer: Virtual Private Network (VPN)

A Virtual Private Network (VPN) encrypts traffic between two points on a network, creating a secure tunnel that ensures the confidentiality and integrity of data during transmission.

Correct Answer: Fuzzer

A fuzzer is a tool that sends random or unexpected inputs to a system in an attempt to discover vulnerabilities or cause the system to behave in unexpected ways, helping to identify potential security issues.

Correct Answer: Integrity

Integrity refers to the protection of data from unauthorized modification, alteration, or destruction, ensuring that the data remains accurate and trustworthy.

Correct Answer: Wireshark

Wireshark is a popular network protocol analyzer that captures and analyzes network traffic in real-time, helping administrators troubleshoot network issues and identify security threats.

Correct Answer: SQL Injection

SQL Injection attacks occur when an attacker injects malicious SQL code into a user input field, allowing unauthorized access to databases and the execution of unintended commands.