
Chapter 6

4 August, 2015 - 12:16
1. Briefly define each of the three members of the information security triad.

a. The three members are as follows:

i. Confidentiality: we want to be able to restrict access to those who are allowed to see given information.

ii. Integrity: the assurance that the information being accessed has not been altered and truly represents what is intended.

iii. Availability: information can be accessed and modified by anyone authorized to do so in an appropriate timeframe.

2. What does the term authentication mean?

a. The process of ensuring that a person is who he or she claims to be.

3. What is multi-factor authentication?

a. The use of more than one method of authentication. The methods are: something you know, something you have, and something you are.

4. What is role-based access control?

a. With role-based access control (RBAC), instead of giving specific users access rights to an information resource, users are assigned to roles and then those roles are assigned the access.
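The indirection described in the answer (users get roles, roles get rights) is easy to see in code. The following is an added illustration, not code from the page or from the textbook it accompanies; the role names, users and the "payroll_report" resource are constructed examples. Any user or role that is unknown to the model is denied by default.

```python
"""Minimal role-based access control (RBAC) model (added example, not from the page).

Access rights live only on roles.  Users are assigned to roles and never to
resources directly, so changing a role's rights changes them for every user
who holds that role, and un-assigning a role revokes access in one step.
"""
from collections import defaultdict


class Rbac:
    def __init__(self):
        # role -> set of (resource, action) pairs the role is allowed
        self.role_permissions = defaultdict(set)
        # user -> set of role names the user holds
        self.user_roles = defaultdict(set)

    def grant(self, role, resource, action):
        """Give a role the right to perform `action` on `resource`."""
        self.role_permissions[role].add((resource, action))

    def assign(self, user, role):
        """Put a user into a role."""
        self.user_roles[user].add(role)

    def unassign(self, user, role):
        """Remove a user from a role (no error if not a member)."""
        self.user_roles[user].discard(role)

    def permissions_for(self, user):
        """Union of the permissions of every role the user holds."""
        perms = set()
        for role in self.user_roles.get(user, ()):
            perms |= self.role_permissions.get(role, set())
        return perms

    def is_allowed(self, user, resource, action):
        """Authorization check; unknown users/roles fall through to deny."""
        return (resource, action) in self.permissions_for(user)


def build_example():
    """Constructed sample policy: three roles, three users (hypothetical names)."""
    rbac = Rbac()
    rbac.grant("reader", "payroll_report", "read")
    rbac.grant("analyst", "payroll_report", "read")
    rbac.grant("analyst", "payroll_report", "export")
    for action in ("read", "write", "export"):
        rbac.grant("admin", "payroll_report", action)
    rbac.assign("alice", "reader")
    rbac.assign("bob", "analyst")
    rbac.assign("carol", "admin")
    return rbac


if __name__ == "__main__":
    rbac = build_example()
    for user in ("alice", "bob", "carol", "mallory"):
        print(user, sorted(rbac.permissions_for(user)))
```

Note that `is_allowed` never consults the user name except to look up roles: that is the property the answer describes, and it is what makes access reviews tractable (audit the role definitions and the role memberships, not per-user grants).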

5. What is the purpose of encryption?

a. To keep transmitted data secret so that only those with the proper key can read it.

6. What are two good examples of a complex password?

a. There are many examples of this. Students need to provide examples of passwords that are a minimum of eight characters, with at least one upper-case letter, one special character, and one number.
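A checker for exactly the policy stated in the answer (at least eight characters, one upper-case letter, one special character and one number), written here as an added example rather than taken from the page. It reports every rule a candidate fails rather than a bare yes/no, which is what a registration form or grading script would need. The set of "special" characters is assumed to be ASCII punctuation, since the page does not define it.

```python
"""Password complexity check for the policy in the answer above (added example).

Policy: minimum eight characters, at least one upper-case letter, at least one
special character, at least one number.  "Special" is assumed (the page does
not define it) to mean ASCII punctuation.
"""
import string

MIN_LENGTH = 8
SPECIAL_CHARS = set(string.punctuation)


def password_problems(password):
    """Return the list of policy rules the password fails; empty means it passes."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append(f"shorter than {MIN_LENGTH} characters")
    if not any(c.isupper() for c in password):
        problems.append("no upper-case letter")
    if not any(c.isdigit() for c in password):
        problems.append("no number")
    if not any(c in SPECIAL_CHARS for c in password):
        problems.append("no special character")
    return problems


def is_complex(password):
    """True when the password meets every rule of the policy."""
    return not password_problems(password)


if __name__ == "__main__":
    # Constructed sample candidates, not real credentials.
    for candidate in ("password", "Ab1!", "Correct-Horse-9", "ABCDEFG1!"):
        print(repr(candidate), password_problems(candidate) or "OK")
```

The check is purely about composition, as the answer key requires; it says nothing about whether the password is common or reused, which a real deployment would check separately.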

7. What is pretexting?

a. Pretexting occurs when an attacker calls a helpdesk or security administrator and pretends to be a particular authorized user having trouble logging in. Then, by providing some personal information about the authorized user, the attacker convinces the security person to reset the password and tell him what it is.

8. What are the components of a good backup plan?

a. Knowing what needs to be backed up, regular backups of all data, offsite storage of all backed-up data, and a test of the restoration process.

9. What is a firewall?

a. A firewall can be either a hardware firewall or a software firewall. A hardware firewall is a device that is connected to the network and filters the packets based on a set of rules. A software firewall runs on the operating system and intercepts packets as they arrive at a computer.

10. What does the term physical security mean?

a. Physical security is the protection of the actual hardware and networking components that store and transmit information resources.