Information Security and Availability (B6:M4) Flashcards
what does a digital signature do?
ensures that the sender of a message is authentic
what is the general idea of asymmetric encryption?
a public key is used to encrypt the message; a private key is used to decrypt it
what type of security policy describes information security and assigns responsibility for achievement of security objectives to the IT department?
program-level policy
what do general controls do?
ensure that an organization’s control environment is well-managed and stable
what connects different kinds of networks?
gateways
what do routers do?
route packets of data through interconnected LANs
what is the hierarchy of computer security policies?
program level policy
program-framework level policy
- issue-specific
- system-specific
what does a password have to be in order to be effective?
long (greater than 7 characters)
complex (uppercase, lowercase, numeric, !@# etc.)
changed every 90 days
not reused
two-factor authentication
what are the steps in creating a disaster recovery plan?
assess risks
identify mission-critical applications
develop a plan
determine responsibilities of the personnel
test the plan
what are the two types of partial backups?
incremental:
copying only data items that have changed since the last backup
differential:
copies all changes made since the last full backup
daily differential backups take more time than incremental backups
hot site:
fully equipped, backup copies of essential data at site, ready to take over data processing very quickly (most expensive)
cold site:
has all electrical connections and other physical requirements for data processing, but no actual equipment
warm site:
has all the required hardware, but no backup copies of essential data
what is the difference between multifactor authentication and multimodal authentication?
multimodal uses multiple biometric data (fingerprint, face recognition, etc.)
multifactor would be like a traditional password and then a push sent to the person’s phone