Assets, Threats, and Vulnerabilities: Module 2

Question 1

Access Controls

Answer 1

Tools that manage who can see or do things with information

Question 2

Algorithm

Answer 2

A set of steps to solve a problem

Question 3

Application Programming Interface (API) Token

Answer 3

A small code that proves who a user is

Question 4

Asymmetric Encryption

Answer 4

Using one key to lock and a different key to unlock data

Question 5

Basic Auth

Answer 5

A way to check who a user is before giving access

Question 6

Bit

Answer 6

The tiniest piece of data on a computer (0 or 1)

Question 7

Brute Force Attack

Answer 7

Guessing passwords over and over until one works

Question 8

Cipher

Answer 8

A tool that hides information by turning it into secret code

Question 9

Cryptographic Key

Answer 9

A special code that unlocks secret messages

Question 10

Cryptography

Answer 10

Turning information into code so others can’t read it

Question 11

Data Custodian

Answer 11

The person who keeps data safe and handles it properly

Question 12

Data Owner

Answer 12

The person who decides who can use or change the data

Question 13

Digital Certificate

Answer 13

A file that proves someone’s online identity

Question 14

Encryption

Answer 14

Turning readable information into secret code

Question 15

Hash Collision

Answer 15

When two different things turn into the same hash code

Question 16

Hash Function

Answer 16

A formula that turns data into a unique code

Question 17

Hash Table

Answer 17

A storage space for codes made by a hash function

Question 18

Identity and Access Management (IAM)

Answer 18

Tools and rules that control who can access what in a system

Question 19

Information Privacy

Answer 19

Protecting data from being seen or shared without permission

Question 20

Multi-Factor Authentication (MFA)

Answer 20

Using two or more ways to prove who you are

Question 21

Non-Repudiation

Answer 21

Making sure someone can’t deny they sent or got something

Question 22

OAuth

Answer 22

A way for apps to safely share access without giving passwords

Question 23

Payment Card Industry Data Security Standards (PCI DSS)

Answer 23

Rules to protect credit card and payment info

Question 24

Personally Identifiable Information (PII)

Answer 24

Any detail that can be used to figure out who someone is

Question 25

Principle of Least Privilege

Answer 25

Only giving someone the access they need to do their job

Question 26

Protected Health Information (PHI)

Answer 26

Private medical details about a person’s health

Question 27

Public Key Infrastructure (PKI)

Answer 27

A system that keeps online info secure with special keys

Question 28

Rainbow Table

Answer 28

A cheat sheet of passwords and their matching codes

Question 29

Salting

Answer 29

Adding random letters to passwords before coding them to make them safer

Question 30

Security Assessment

Answer 30

A check to see how strong a company’s security is

Question 31

Security Audit

Answer 31

A review of how well a company follows security rules

Question 32

Security Controls

Answer 32

Tools that help keep systems safe

Question 33

Separation of Duties

Answer 33

Making sure no one person has too much power in a system

Question 34

Session

Answer 34

A time when a user interacts with a website or app

Question 35

Session Cookie

Answer 35

A file that keeps track of a user while they’re logged in

Question 36

Session Hijacking

Answer 36

When a hacker takes over someone else’s login session

Question 37

Session ID

Answer 37

A special code that tells a system who the user is

Question 38

Single Sign-On (SSO)

Answer 38

Using one login to access many apps or sites

Question 39

Symmetric Encryption

Answer 39

Using the same key to lock and unlock data

Question 40

User Provisioning

Answer 40

Creating and managing a user’s account and access