Chapter 2

Question 1

What is the information security CIA triad?

Answer 1

C Confidentiality

I Integrity

A Availability

Question 2

Authentication

Answer 2

is the process of verifying identity.

Question 3

Availability

Answer 3

is the principle that Information Systems, and supporting infrastructure are operating and accessible when needed.

Question 4

OECD privacy principles -Collection Limitation

Answer 4

• collection should be obtained by lawful and fair means and where appropriate with the knowledge and consent of the data subject.

Question 5

OECD privacy principles - Data Quality

Answer 5

Personal data should be relevant to the purpose collected and should be accurate, complete, and kept up to date.

Question 6

OECD privacy principles - Use Limitation

Answer 6

Use Limitation - personal data should not be disclosed or otherwise used for purposes other then specified except with the consent of the data subject or by the authority of law.

Question 7

OECD privacy principles - purpose Specification

Answer 7

purpose Specification - purpose for which personal data is collected should be specified not later than at the time of data collection.

Question 8

Confidentiality

Answer 8

is the assurance that information is not disclosed to unauthorized persons, processes, or devices. Confidentiality covers data in storage, during processing, and in transit.

Question 9

Privacy

Answer 9

Is the right of an individual to control the use of their personal information.

Data Privacy controls relate to actions regarding collection, usage, notification, accuracy, and sharing.

Question 10

Confidentiality

Answer 10

foces on protectng the data in our possession from unauthorized access or disclosure.

Question 11

Authorization

Answer 11

is the process of approving access.

Question 12

Non-repudiation

Answer 12

is the process of assuring the validity and origin of data.

Question 13

Accounting

Answer 13

is the process of tracing actions to the source.

Question 14

Data Plane

Answer 14

is used for communication (moving data) between software components.

Question 15

Control Plane

Answer 15

is used by infrastructure components to maintain and configure assets, access control and communication security. In a ZT environment, requests for access are made through the control plan.

Question 16

Policy Administrator

Answer 16

Control Plane - Part of the Policy Decision Point. generates any session-specific authentication and authentication token, or credential used to access an enterprise resource.

Question 17

Policy Decision Point

Answer 17

Control Plane - functions as a gatekeeper. The PDP has two logical components: Policy Engine & Policy Administrator

Question 18

Policy Enforcement Point

Answer 18

responsible for enabling, monitoring and eventually terminating connections between a subject and an enterprise resource.

Question 19

Policy Engine

Answer 19

Control Plane - Part of the Policy Decision Point. responsible for the ultimate decision to grant access to a resource for a given subject.

Question 20

CPTED - Crime prevention through environmental design

Answer 20

is that proper design and effective use of the physical environment can lead to a reduction in the incidence and fear of crime and increase safety.

Question 21

Sag

Answer 21

Moment of low voltage

Question 22

Temperature

Answer 22

between 64 and 80 degrees

Question 23

Fire use clean suppression like

Answer 23

FM-200, Novec 1230 or inert gases

Question 24

Power Protection Controls

Answer 24

Voltage regulator, surge protector, power line conditioners, battery backup/UPS

Question 25

Power Resiliency Controls

Answer 25

Battery backup/UPS, generator, supplier diversity

Question 26

Hot aisle - Cold aisle

Answer 26

Circulation pattern where rows of server racks are oriented so that the front of servers face each other?

Question 27

Honeynet

Answer 27

Multiple linked honeypots that simulate a network environment.

Question 28

Honeytoken

Answer 28

a beacon embedded into a document, database, images, directory and folders. Used to identify the attacker.

Question 29

Honeyfile

Answer 29

a decoy file located on a network file share designed to detect access and exfiltration attempts.

Question 30

Honey trap

Answer 30

deception technique that allows security defenders to understand attacker behavior patters. They are intended to look legitimate. Types of traps are: honeypots, honeynets, honeyfiles, and honeytokens.

Question 31

Honeypot

Answer 31

is a decoy system like a webserver. They can be high-interaction or low-interaction.

Question 32

DNS Sinkhole

Answer 32

DNS server that responds with false results. can be use to redirect malicious Internet traffic so it can be captured and analyzed. Can also be used to seize control of botnets.