D430 Fundamentals of Information Security - Set 3 - Part 1

Correct Answer: Data at rest encryption

Data at rest encryption is used to protect data stored on hard drives or other storage devices, ensuring that unauthorized users cannot access it, even if they gain physical access to the storage media.

Correct Answer: Integrity

Integrity is compromised when data is altered or tampered with by unauthorized users, meaning the accuracy and trustworthiness of the data are no longer ensured.

Correct Answer: Nmap

Nmap is a powerful tool used to scan networks for open ports and identify active services on devices, helping security professionals assess vulnerabilities and secure the network.

Correct Answer: Principle of Least Privilege

The Principle of Least Privilege ensures that users are granted only the access necessary to perform their specific tasks, thereby reducing the risk of misuse or security breaches.

Correct Answer: ECC

Elliptic Curve Cryptography (ECC) is an asymmetric cryptographic algorithm used for securing wireless communications, offering a high level of security with smaller key sizes compared to RSA.

Correct Answer: Deep packet inspection firewall

Deep packet inspection firewalls analyze the content of network traffic beyond just the packet headers, allowing them to detect and block malicious data based on its contents.

Correct Answer: Verify data integrity

Hashing generates a fixed-length output from input data, allowing the verification of data integrity by ensuring that any changes to the data will result in a different hash value.

Correct Answer: SQL Injection

SQL Injection attacks occur when an attacker inserts malicious SQL code into a user input field to manipulate or retrieve data from a database, bypassing authentication or accessing sensitive information.

Correct Answer: Phishing

Phishing attacks involve tricking users into revealing sensitive information, such as passwords or credit card details, by impersonating a legitimate entity, often through fake emails or websites.

Correct Answer: To identify security weaknesses and vulnerabilities

A vulnerability assessment is conducted to identify security weaknesses and vulnerabilities in systems, networks, or applications, allowing organizations to address potential risks before they are exploited.

Correct Answer: FERPA

The Family Educational Rights and Privacy Act (FERPA) requires organizations, such as educational institutions, to implement safeguards to protect the privacy and security of student education records.

Correct Answer: Containment

Containment involves taking immediate steps to limit the damage caused by a security incident and prevent further harm, such as isolating affected systems or networks.

Correct Answer: Availability

Availability ensures that data and systems are accessible to authorized users when needed, preventing disruptions caused by system failures, network outages, or denial of service attacks.

Correct Answer: Asymmetric encryption

Asymmetric encryption uses two different keys, a public key for encryption and a private key for decryption, providing more security for data transmission compared to symmetric encryption.

Correct Answer: To verify the identity of a user or device

A digital certificate is used to verify the identity of a user or device by binding a public key with an identity, ensuring that the public key belongs to the expected entity.

Correct Answer: Cross-Site Request Forgery (CSRF)

Cross-Site Request Forgery (CSRF) attacks exploit the trust between a user's browser and a web application, tricking the browser into executing unauthorized actions, such as submitting forms or making changes to the user's account.

Correct Answer: Defense in Depth

Defense in Depth is a security strategy that involves layering multiple security controls, such as firewalls, intrusion detection systems, and encryption, to protect systems and data from various threats.

Correct Answer: SSL/TLS

SSL (Secure Sockets Layer) and TLS (Transport Layer Security) are encryption protocols used to secure web traffic by creating an encrypted connection between a web server and a browser, protecting data from interception.

Correct Answer: GLBA

The Gramm-Leach-Bliley Act (GLBA) governs the security of financial records and requires financial institutions to explain their information-sharing practices and implement safeguards to protect customer data.

Correct Answer: Ransomware

Ransomware is a type of malware that encrypts a user's files and demands a ransom for their decryption, often causing significant disruption to individuals and organizations.