CISSP


Created by:
John Intindolo


CISSP - Details

Questions: 200 questions

Parameter Checking is used to help prevent buffer overflow attacks, not to enforce process isolation.
All of the following can be used to enforce process isolation EXCEPT - Naming Distinctions - Time Multiplexing - Encapsulating Objects - Parameter Checking
Encryption is provided. MPLS does not natively include encryption services.
What is NOT true regarding MPLS? - QoS is provided - Packet labeling is provided - Traffic engineering is provided - Encryption is provided
TCP sequence number attack exploits the communication session that is created between two hosts.
Which attack is used to hijack a communication session between two devices? - Sniffer attack - TCP sequence number attack - Ping of Death attack - DNS poisoning
It provides confidentiality but not authenticity or non-repudiation. One of the strengths of asymmetric cryptography is its ability to provide confidentiality, authentication, and non-repudiation.
Which statement is NOT true in relation to asymmetric cryptography? - It has better key distribution than symmetric systems - It provides confidentiality but not authenticity or non-repudiation - It works much more slowly than symmetric keys - It has better scalability than symmetric systems
Linear cryptanalysis is a variation of the known plaintext attack that works against block ciphers. It employs affine transformation approximations to deduce the cipher's exact behavior.
Which type of cryptographic attack relies on the study of affine transformations to deduce the cipher's exact behavior? - Differential cryptanalysis - Side-channel attack - Linear cryptanalysis - Algebraic attack
DCOM.
What would you choose to counteract covert channels? - Emanation - Scrubbing - DCOM - EMSEC
To store and process cryptographic keys. TPM is a cryptoprocessor chip used to store and manage digital encryption keys.
What is the purpose of the Trusted Platform Module (TPM)? - To improve fault tolerance by adding redundant components - To limit the actions of users based on their privileges - To host multiple operating systems on a single host computer - To store and process cryptographic keys
It helps maintain the integrity of data using the simple integrity axiom and the *-integrity axiom. The *-integrity axiom, AKA the no write up rule, specifies that a subject or process cannot write data to an object at a higher integrity level.
What statement describes the Biba Security model? - It separates data into high protection data called constrained data items (CDIs) - It ensures that actions at higher security levels do not interfere with actions at lower security levels - It helps maintain the integrity of data using the simple integrity axiom and the *-integrity axiom - It helps protect the confidentiality of data using the *-property rule and the strong star property rule
Keys used for encryption and decryption are mathematically related. They use two different, but mathematically related, static keys.
What statement about asymmetric key encryption is true? - Asymmetric key encryption is faster than symmetric key encryption - DSA is an asymmetric key algorithm that can only be used for encryption - Keys used for encryption and decryption are mathematically related - Asymmetric key encryption can only be used to provide confidentiality
Encountering an error message indicates a failed test.
Which statement does not apply to misuse case testing? - Encountering an error message indicates a failed test - Invalid information is entered to determine how it is handled by the application - It is used to identify weaknesses in an application - The goal is to prevent application crashes
Enumeration. This is the second step in the penetration test methodology and builds on the information gathered during the discovery phase and is specifically directed at the targeted systems, applications, and networks.
Which step of a penetration test involves performing port scans to discover information about a target? - Exploitation - Enumeration - Reconnaissance - Vulnerability mapping
Using a software program. Using automated tools ensures that the process of collecting, analyzing, and reporting the information is consistent and efficient.
How should the security information that is captured by an organization's information security continuous monitoring (ISCM) program be collected, analyzed, and reported upon? - By the network administrator - By the end user - Using a software program - By the security administrator
Accountability. Monitoring, auditing, and logging ensure that users are accountable for their actions within an organization.
Monitoring, auditing, and logging provide which measure within an organization? - Accountability - Availability - Confidentiality - Integrity
Minimize downtime and recovery costs.
You are performing a BCP through a BIA. During this process, you should strive for which goal?
Temporal isolation. Temporal isolation, AKA time-based access control, is often used in conjunction with other authentication methods, particularly role-based access control (RBAC).
What technique is used to extend the capability of a role-based access control mechanism? - Temporal isolation - Scrubbing - Polyinstantiation - Asset valuation
Attribute Based Access Control (ABAC).
Which access control model allows administrators to create policies using plain language statements? - Role Based Access Control (RBAC) - Attribute Based Access Control (ABAC) - Rule-Based Access Control - Discretionary Access Control (DAC)
Ensure transactions are canceled if the Internet connection is lost.
You have been tasked with testing the internal interfaces of an application. Which test should you include in your testing strategy? - Verify that the application is compatible with the network connections - Verify that the communications between the server application and the database server are functioning properly - Ensure all supported web browsers have been tested to verify that they are all functioning properly - Ensure transactions are canceled if the Internet connection is lost
CCMP. WPA2 uses AES (128 bit) and Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP) for wireless data encryption.
You are planning to implement the 802.11i wireless standard for your WLAN environment. You want to ensure that your network is secure. Which encryption method should you use if you implement WPA2? - TKIP - 802.1X - CCMP - EAP
Watermarking. Watermarking involves embedding copyright information or a hidden message in the content.
Which DRM software method is mainly used to monitor and track content? - ASIC-based security - IMEI number - Watermarking - Steganography
Signature-based intrusion detection system. This uses accumulated knowledge to determine if an attack occurs.
You have been tasked with implementing IDS that uses predefined knowledge to determine if an attack is occurring. Which option represents the BEST system to meet these requirements? - Statistical anomaly-based intrusion detection system - Host-based intrusion detection system - Signature-based intrusion detection system - Network-based intrusion detection system
Infrastructure as a Service (IaaS). IaaS is the most flexible cloud computing model that allows an organization to quickly scale up new software or data-based services without installing the required hardware.
Which cloud computing model is highly scalable and provides deployment automation? - Software as a Service (SaaS) - Platform as a Service (PaaS) - Infrastructure as a Service (IaaS) - Security as a Service (SECaaS)
Wardialing.
The network administrator for your company has asked you to provide a report on the number of unaccounted for modems attached to the network. What should you do to accomplish this? - Wardriving - Packet sniffer - Piggybacking - Wardialing
Target acquisition involves investigating and gathering intelligence to identify possible targets. Methods used to help prevent target acquisition include performing network address translation, securing directory databases, using hidden directory paths, and using unique usernames for privileged accounts.
Security attacks typically follow four steps that include target acquisition, analysis, access, and appropriation. You have decided to use hidden directory paths to help prevent attacks. Which step of an attack does this help prevent? - Target analysis - Target appropriation - Target access - Target acquisition
Hash-based Message Authentication Code (HMAC). HMAC provides data origin authentication, but fails to provide data confidentiality.
The following steps are performed to send a message to another user: 1. The message runs through a hashing algorithm, which generates a MAC value. 2. The MAC value is appended to the message by the sender and sent to the receiver. 3. The receiver accepts the message and adds their secret key to the message before an algorithm generates an independent MAC value for the message. 4. The receiver compares the two MAC values to see if they are the same. Which type of message authentication method is being described?
Transition plans for replacing outdated keys. The governance of cryptographic algorithms and systems should address the following at minimum: - Transition plans for replacing outdated algorithms and keys - Procedures for the use of cryptographic systems - Approved cryptographic algorithms and key sizes - Key generation, escrow, and destruction guidelines - Incident reporting guidelines
Which option should be addressed by the governance of cryptographic algorithms and systems at a minimum? - The top web application security flaws and how they can be mitigated - Industry-recommended cryptographic algorithms - Transition plans for replacing outdated keys - All keys that have been issued by the system
Maintain It.
What should you do after a security awareness program is implemented?
They can involve a memory location being shared between two different individuals with different security levels.
Which statement about covert storage channels is true? - They are less efficient than covert timing channels - They can involve a memory location being shared between two different individuals with different security levels - They are the only type of covert channel that can be used to access sensitive information - They rely on being able to influence the rate other processes are able to acquire CPU, memory, and I/O resources.
Covert channel. A wireless covert channel is an unsecured, unknown wireless communication channel within a network.
What can be caused by a rogue access point within an organization's network? - Man-in-the-middle attacks - Inference - Covert channel - Eavesdropping
Cleanroom. The cleanroom model is a process used for the development of high-quality software and puts an emphasis on the earlier phases of the model.
Which non-iterative software development model attempts to ensure quality by spending more time in the earlier phases of the model, such as design? - Structured Programming Development - Spiral - Waterfall - Cleanroom
Top Secret. Unauthorized disclosure of the laser blueprints would cause damage to national security beyond serious damage.
The military has blueprints for a new laser weapon capable of shooting missiles out of the air that will be outfitted on their naval ships. Which Data classification is being discussed? - Sensitive but unclassified - Secret - Top Secret - Unclassified
Private. Private is a typical business classification level that applies to employee or customer data.
To which business classification level is credit card information typically addressed? - Secret - Private - Public - Confidential
Overwriting. Overwriting the sectors that sensitive data was stored in will provide a certain level of assurance that the sensitive data cannot be retrieved.
Which method is commonly used to remove remnants of sensitive financial data from media before the media is reused within an organization? - Overwriting - Shredding - Formatting - Degaussing
The Safe Harbor framework.
Laws designed to protect individuals' privacy have been created worldwide. However, different approaches have been adopted by the various countries. Which of the following was created by the U.S. Department of Commerce in consultation with the European Commission to bridge the differences in approaches? - The 1948 Universal Declaration of Human Rights - The 1980 Guidelines Governing the Protection of Privacy and Transborder Data Flows of Personal Data - The Lisbon Treaty - The Safe Harbor framework
Control analysis.
Which risk management concept involves using a security requirements checklist as a best practice? - Control analysis - Monitoring - Reporting - Continuous Improvement
RDP. Remote Desktop Protocol (RDP) can be used to encrypt the transmission channel, thus securing the data in transit.
You need to provide users with a method for making secure remote connections to their Windows computers. Which technology should you deploy to the users? - Telnet - SSH - VNC - RDP
Ciphertext-only attacks. A ciphertext-only attack happens when an attacker has only encrypted data or ciphertext to work with. It's easy to initiate because all that is needed is a single piece of ciphertext. It's very difficult to produce results though because so little information is known about the encryption process.
Which active cryptographic attack is EASIEST to initiate, but is the MOST difficult to actually produce results? - Known-plaintext attacks - Chosen-ciphertext attacks - Chosen-plaintext attacks - Ciphertext-only attacks
Java.
Which programming language contains the sandbox and garbage collection security features? - JavaScript - C - COBOL - Java
194.
Due to security concerns with the Internet Relay Chat (IRC) application, you need to prevent IRC traffic from entering your network. Which port number do you need to block on your firewalls? - 53 - 22 - 143 - 194
Fraggle Attack. A fraggle attack uses UDP messages that are modified to appear to have the source address of the system being targeted.
Which type of attack uses spoofed UDP packets in an attempt to overwhelm a target system? - Fraggle attack - Teardrop attack - Smurf attack - SYN flood attack
Smart Lock. This is because they can track the people who use them.
Which type of lock allows for a certain amount of individual accountability?
Data Link - PPP; Application - Telnet; Presentation - JPEG; Transport - SSL/TLS; Session - SQL, RPC
Which protocols or services are used at different layers of the OSI model? Match the protocols or services to the appropriate layer. Layers- Data Link, Application, Presentation, Transport, Session Protocols/Services- JPEG, SSL/TLS, PPP, Telnet, SQL, RPC
Stores and backs up information for the information owner - Information Custodian; Ultimately responsible for defending information assets - Executive Management; Manages and reviews the company's security policies and procedures - Security officer; Follows the organization's security policies - End user; Creates accounts and adds access permissions for users that require access to data, applications, or systems - Security administrator
Which security roles match each security responsibility description? Responsibility Descriptions- Stores and backs up information for the information owner, Ultimately responsible for defending information assets, manages and reviews the company's security policies and procedures, follows the organization's security policies, creates accounts and adds access permissions for users that require access to data, applications, or systems. Roles- Security officer, Executive management, Security Administrator, End user, Information custodian
Isolated PVLAN. It is a secondary VLAN that exists inside the primary VLAN. Nodes attached to the isolated PVLAN are able to send packets to, and receive packets from, ports in the promiscuous PVLAN only.
Which component of private virtual local area networks (PVLANs) is only capable of sending packets to, or receiving packets from, ports in the promiscuous PVLAN? - Isolated PVLAN - Promiscuous PVLAN - Community PVLAN - Primary PVLAN
Gives organizations the flexibility to tailor the framework to their own needs - NIST SP 800-53; Comprises a set of 34 high-level processes and 214 control objectives to support these processes - COBIT; Identifies five areas of internal control that must be present for data integrity in financial reporting and disclosure - COSO; Contains best practices for IT processes that enable high levels of availability, confidentiality, and data integrity - ITIL
Which security control frameworks match each framework description? Frameworks- NIST SP 800-53, ITIL, COBIT, COSO Description- Gives organizations the flexibility to tailor the framework to their own needs, Comprises a set of 34 high-level processes and 214 control objectives to support these processes, Identifies five areas of internal control that must be present for data integrity in financial reporting and disclosure, Contains best practices for IT processes that enable high levels of availability, confidentiality, and data integrity
It is typically applied by the end user.
Data can be protected while it is in transit using either link encryption or end-to-end encryption. Each method functions differently. Which statement is true regarding end-to-end encryption? - It is typically applied by the end user - It is possible for an attacker to see a message in clear text format as it travels across the network - It encrypts the data and the routing information - It provides better traffic confidentiality
FFIEC. The Federal Financial Institutions Examination Council (FFIEC) provides a booklet on creating business continuity plans.
Which of the following emphasizes resuming and maintaining business operations in financial institutions after a disaster? - NYSE Rule 446 - NASD Rule 3510 - Electronic Funds Transfer Act - FFIEC
Parallel test. The parallel test involves testing how the processes will run at the offsite facility and comparing them to the original site, making changes as necessary.
You need to test the organization's BCP to ensure it's suitable. You need to verify that the mission critical systems can function at the alternate processing site. Which type of test is the FIRST to perform an actual recovery at the alternate processing site? - Simulation - Parallel test - Structured walk-through - Full interruption
Negative. Negative testing is called misuse testing. It is typically performed by entering invalid information to identify how it is handled by the application.
You have been tasked with testing a web application by attempting to access a secure web page without logging in. Which type of test do you need to perform? - Statement coverage - Regression - Path coverage - Negative
Determine whether the backups were successful.
What is the LAST step that you should include in any backup plan? - Determine what type of backup media you will require - Determine where you should store the backup media and how long you should store it there. - Determine what data you will need to back up - Determine whether the backups were successful
The mitigations must be tested by an independent group.
Steps have been taken to mitigate risks found during an assessment of custom software installed on one of the organization's server computers. What step must be taken before the risk can be declared as mitigated? - The risks are considered mitigated once the proper controls have been put in place to deal with the risk - The developers of the custom software must sign off on the implemented mitigations - The owner of the server computer must sign off on the implemented mitigations - The mitigations must be tested by an independent group
A process used to protect against the accidental or deliberate introduction of harmful modifications to code or systems.
What option BEST describes the change management process? - A formal process that ensures requested changes are implemented by the most qualified individuals - A process used to ensure that accidental changes do not occur within an organization's code of ethics - A process used to protect against the introduction of harmful patches to an organization's software. - A process used to protect against the accidental or deliberate introduction of harmful modifications to code or systems
Auditing. Security managers can perform log reviews, account monitoring, backup verification, and review key performance indicators (KPI).
Identify an administrative duty that is not part of the security management review. - Account management - Key performance and risk indicators - Backup verification - Auditing
Determining the cost savings of implementing the asset is one of the ways of determining the cost of an intangible asset, not a tangible asset.
There are tangible assets and there are intangible assets. All of the following methods can be used to determine the value of a tangible asset EXCEPT: - Obtaining current quotes for replacement cost comparison - Subtracting the depreciation from the original asset cost - Determining the cost savings of implementing the asset - Identifying the cost of switching to an alternative solution
Encapsulates data but does not encrypt it - PPP; Encrypts packets at the network layer - IPsec; Supports remote access and site-to-site topologies - VPN; Encrypts data using GRE or MPPE - PPTP; Requires digital certificates and a PKI - SSL VPN; Communicates over UDP port 1701 - L2TP
Match each remote connection protocol to the proper description: Protocols- PPP, IPsec, VPN, L2TP, SSL VPN, PPTP Descriptions- Encapsulates data but does not encrypt it, Encrypts packets at the network layer, Supports remote access and site-to-site topologies, Encrypts data using GRE or MPPE, Requires digital certificates and a PKI, Communicates over UDP port 1701
It tracks real user sessions. This doesn't happen with synthetic monitoring and means that performance is predictable since specific steps are executed by a script at regular intervals.
Which statement is NOT true of synthetic monitoring? - It is also classed as proactive monitoring - It tracks real user sessions - It uses external agents to run scripted transactions - It has full access over the client
Security policies.
Which is MOST likely to be impacted by a company merger or acquisition? - Business interruption insurance - Security policies - Remote journaling - Reciprocal agreements
SAML. Security Assertion Markup Language (SAML) is an XML-based language often used to exchange identities between federated organizations.
Which SSO method is commonly used to share federated identity information? - SESAME - Open ID - SAML - OAuth
Application Decomposition and Analysis (ADA).
The PASTA (Process for Attack Simulation and Threat Analysis) methodology has seven stages. What is the 3rd stage?
Session. Layer 5 Session Layer.
At what layer of the OSI model is Half-Duplex mode used for communication between two applications? - Physical - Data Link - Network - Presentation - Session
White Box. White box testing is performed while knowing the details of the system.
You provide a senior software tester with source code of an application and request that they perform a full test of the software. Which BEST identifies this type of test? - Sandbox - Black Box - White Box - Dynamic
Digital signature.
What information is contained within a SAML token? - One-way hash - Block cipher - Temporary session key - Digital signature
SDN northbound interface. SDN applications use the SDN northbound interface (NBI) to communicate the network requirements of SDN applications to the SDN controller.
Which component of Software Defined Networking (SDN) is used to communicate network requirements to the SDN controller? - SDN northbound interface - SDN datapath - SDN application - SDN control to data-plane interface
From a server's RAM.
Which location is the BEST place to collect live evidence when performing eDiscovery at a crime scene? - From a SAN - From a smartphone - From a workstation's hard drive - From a server's RAM
Data custodian.
Who is responsible for processing data backups? - Data custodian - Data owner - Security administrator - Information systems auditor
Streamlines the risk analysis process by identifying areas upon which to focus - FRAP; Evaluates risks by defining and scoring the elements on a consistent scale - PUSH; Uses a self-directed approach to securing an organization's assets - OCTAVE; Examines potential effects of failures on three levels - FMEA
Match the risk assessment method with its description: Description- Streamlines the risk analysis process by identifying areas upon which to focus, Evaluates risks by defining and scoring the elements on a consistent scale, Uses a self-directed approach to securing an organization's assets, Examines potential effects of failures on three levels Method- FMEA, PUSH, OCTAVE, FRAP
LDAP. Lightweight Directory Access Protocol (LDAP) systems store information about users, network resources, file systems, and applications.
An organization requires an identity management solution that uses a remote access authentication system to store information about users and applications. Which remote access authentication system should the organization use? - RADIUS - Diameter - TACACS+ - LDAP
It executes a known set of steps at regular intervals. This means that performance is predictable since specific steps are executed by a script at regular intervals.
Which statement relates to a synthetic performance-monitoring test used on a web site? - It is also classed as end user experience monitoring - It uses web-monitoring services to track availability - It obtains and assesses server side information - It executes a known set of steps at regular intervals
Hardware-based FDE.
What is the BEST way to secure all data at rest on a portable computer, with the LEAST impact on system performance? - Hardware-based FDE - Cloud computing - SSL - Software-based FDE
C2. Class C2, Controlled Access Protection, requires users to be identified individually, which makes them accountable for their actions. It also provides audit trails that can be used to track actions made by the users.
Which classification level of the Orange Book is the first to provide individual accountability by requiring login procedures and audit trails? - B1 - B2 - C2 - C1
Consumers don't control any of the cloud-based assets, The CSP is responsible for maintaining the host and cloud infrastructure - SaaS; The CSP is responsible for maintaining the host and cloud infrastructure - PaaS; Consumers manage their applications and configuration settings on the host - PaaS; The CSP is responsible for maintaining the cloud-based infrastructure - IaaS; The CSP is responsible for the maintenance of all services - SaaS; Consumers maintain the operating systems and applications - IaaS
Match each of the responsibilities for cloud-based assets to the relevant service model: Responsibilities- Consumers don't control any of the cloud-based assets, The CSP is responsible for maintaining the host and cloud infrastructure, Consumers manage their applications and configuration settings on the host, The CSP is responsible for maintaining the cloud-based infrastructure, The CSP is responsible for the maintenance of all services, Consumers maintain the operating systems and applications Service Models- SaaS, PaaS, IaaS
Implement egress and ingress filters - Spoofing attacks; Set minimum password length - Brute force attacks; Use OTP authentication - Dictionary attacks
Match the access control attacks with the methods for protecting against them: Methods for protecting- Implement egress and ingress filters, Set minimum password length, Use OTP authentication Attacks- Spoofing attacks, Dictionary attacks, Brute Force attacks
- Corporate policy - System specific policy - Issue specific policy
Name the three main types of policies that exist.
Acts as a Liaison between management, business, IT, and Information Security. This is actually a role of the steering committee.
Which of the following is NOT true of Senior Management Responsibilities? - Ensure testing (and that appropriate results are achieved) - Prioritize business functions (based on BIA) - Establish a common vision/strategy/framework for the enterprise - Provide funding and support - Acts as a Liaison between management, business, IT, and Information Security
Qualitative.
Subjective analysis to help prioritize probability and impact of risk events is an example of what type of risk analysis?
Exposure factor.
The percentage of loss that is expected to result in the manifestation of a particular risk event is known as ____. - Asset Value (AV) - Single Loss Expectancy (SLE) - Asset Value (AE) - Exposure Factor (EF)
Total cost of ownership (TCO).
What term describes the total cost of implementing a safeguard? - Return on Investment (ROI) - Total Cost of Ownership (TCO) - Asset Value (AV) - Exposure Factor (EF)
Rejection. Rejection is a risk response rather than a risk mitigation.
Which of the following is NOT a form of risk mitigation? - Reduce - Avoidance - Transfer - Accept - Rejection
Avoidance because it is a mitigation method that avoids the risk altogether.
Which of the following is the ultimate risk mitigation method? - Reduce - Avoidance - Transfer - Accept - Rejection
Risk Transfer.
SLAs and contracts are examples of which type of Risk Mitigation method?
Key Risk Indicator.
What does the acronym KRI stand for?
Due Care.
Setting and enforcing policy to bring an organization into compliance is known as ______.
Employee behavior.
The goal of knowledge transfer is to modify ________.
Financial reporting.
What is a SOC 1 Report used for?
Security and Technology.
What is a SOC 2 Report used for?
Security and Technology but publicly available.
What is a SOC 3 Report used for?
SOC 3 is available to the public. They both are for Security and Technology, but a SOC 3 report is publicly available.
What is the difference between a SOC 2 and SOC 3 report? - SOC 3 is for financial reporting - SOC 3 is available to the public - SOC 2 is available to the public - SOC 2 is for security and technology
Simulation Test.
Which type of test goes through a disaster scenario, and continues up to the actual relocation to an offsite facility? - Checklist Test - Structured Walk-Through (Table Top) Test - Simulation Test
Data Owner.
Who is responsible for determining the classification of data?
Data Custodian.
Who maintains the data?
Obfuscation.
What is the process of hiding, replacing, or omitting sensitive information? - Data anonymization - Tokenization - Obfuscation - Masking
Data anonymization.
_______ is the process of either encrypting or removing personally identifiable information from data sets, so that the people whom the data describe remain anonymous. - Data anonymization - Tokenization - Obfuscation - Masking
Tokenization.
Public cloud service can be integrated and paired with a private cloud that stores sensitive data. The data sent to the public cloud is altered and contains a reference to the data residing in the private cloud. This process can be described as _______. - Data anonymization - Tokenization - Obfuscation - Masking
Masking.
_______ is the process of using specific characters to hide certain parts of a specific dataset (i.e. displaying asterisks for all but the last 4 digits of SSN). - Data anonymization - Tokenization - Obfuscation - Masking
Protecting data moving to and within the cloud.
When it comes to data security in the cloud, SSL/TLS/IPsec protocols can be described as ______. - Detection of data migration to the cloud - Protecting data in the cloud - Protecting data moving to and within the cloud
Detection of data migration to the cloud.
When it comes to data security in the cloud, DAM and DLP can be described as ______. - Detection of data migration to the cloud - Protecting data in the cloud - Protecting data moving to and within the cloud
Caesar Cipher.
Which type of cryptography is a simple substitution that shifts characters 3 spaces? (i.e. A=D, B=E, C=F) - Caesar Cipher - Vernam - Enigma Machine and Purple Machine - Scytale - Vigenere
Vigenere.
What is another name for a polyalphabetic cipher which uses a key word that is agreed upon ahead of time and takes the first letter of the key and matches it up against the first letter of the message, and so on? - Caesar Cipher - Vernam Cipher - Vigenere - Enigma Machine and Purple Machine - Scytale