My Questions

Question 1

Protect Documents that can be used in evidence from being altered

Answer 1

Legal Hold

Question 2

Authentication Header (AH)

Answer 2

provides a mechanism for authentication only. Because AH does not perform
encryption, it is faster than ESP.

Question 3

Encapsulation Security Payload ESP

Answer 3

provides data confidentiality (encryption) and authentication (data integrity, data
origin authentication, and replay protection). ESP can be used with confidentiality only,
authentication only, or both confidentiality and authentication.

Question 4

Data owner

Answer 4

Usually a member of senior management. Can delegate some day-to-day duties.
Cannot delegate total responsibility.

Question 5

Data Controller

Answer 5

Manages the purposes and means by which
personal data is processed

Question 6

Data processor

Answer 6

Processes data on behalf of the data controller

Question 7

Data custodian/steward

Answer 7

Responsible for data accuracy, privacy, and security
– Associates sensitivity labels to the data
– Ensures compliance with any applicable laws and standards
– Manages the access rights to the data
– Implements security controls

Question 8

Data protection officer (DPO)

Answer 8

Responsible for the organization’s data privacy
– Sets policies, implements processes and procedures

Question 9

Incident Response Lifecycle

Answer 9

• Preparation
• Detection & Analysis
• Containment, Eradication and Recovery
• Post Incident Activity

Question 10

Cyber Kill Chain

Answer 10

1. Recon
2. Weaponisation
3. Delivery
4. Exploitation
5. Installation
6. Command & Control
7. Action on Objectives

Question 11

Diamond Model

Answer 11

This is an analysis framework
1. Adversary Develops Capability
2. Adversary Uses Infrastructure
3. Infrastructure Connects To Victim
4. Capability Exploits Victim and deployed via Infrastructure

Question 12

Managerial Control

Answer 12

Address security design and implementation through policies and SOP’s

Question 13

Operational Control

Answer 13

Implemented by People e.g. security guards and awareness programs

Question 14

Technical Control

Answer 14

Implemented using systems

Question 15

Physical Security

Answer 15

Deter - Deny - Detect - Delay

Question 16

DER Cert Format

Answer 16

Distinguished Encoding Rules
- Binary Format
- Common Format used in Java Certs

Question 17

PEM Cert Format

Answer 17

Privacy Enhanced Mail
- Base 64 encoded DER (ASCII)
- Format Provided by CA’s

Question 18

PKCS#12 Cert Format

Answer 18

Public Key Cryptography Standard #12
- Personal Information Exchange (PFX) syntax standard
- Often used in transfer of public and private key pairs
- p12 or pfx file ecxtension

Question 19

CER Cert Format

Answer 19

Certificate
- Encoded as binary DER or ASCII PEM
- Common format for windows

Question 20

PKCS#7 Cert Format

Answer 20

• p7b file
• ASCII format
• Private keys not included in p7b file
• Used in Windows and Java Tomcat

Question 21

Policy

Answer 21

Formal Statement produced & supported by management. The why

Question 22

Standard

Answer 22

Mandatory course of action or rules giving formal policies support or direction. The what

Question 23

Procedure

Answer 23

Step by the step instructions. The how

Question 24

Guidelines

Answer 24

Recommendation of what to do when standards do not exist. The when

Question 25

Symmetric Algorithms

Answer 25

AES -DES - 3DES RC4 Blowfish - Twofish

Question 26

Asymmetric Algorithms

Answer 26

RSA DSA - Digital Signature Algorithm Diffie-Hellman Ephemeral (DHE) ECDHE - Elliptic Curve DHE Elliptic Curve Cryptography (ECC) Pretty Good Privacy (PGP) GNU Privacy Gaurd (GPG)

Question 27

Key Stretching

Answer 27

Bcrypt

Question 28

CBC

Answer 28

Cipher Block Chaining - Depends on block before and therefore slow. Uses IV for randomisation

Question 29

GCM

Answer 29

Galois Counter Mode - provides authentication/integrity and hashes

Question 30

ECB

Answer 30

Electronic Code Book - simplest Cipher Each block is encrypted with the same key

Question 31

CTR

Answer 31

Counter - Block cipher mode / acts like a stream cipher. Encrypts successive values of a “counter” - XOR

Question 32

FERPA

Answer 32

Family Educational Rights and Privacy Act - requires that educational institutions implement security and privacy controls for student educational records

Question 33

GLBA

Answer 33

Gramm-Leach-Bliley Act - focused on services of banks, lenders, and insurance severely limited services they could provide and the information they could share with each other

Question 34

FISMA

Answer 34

Federal Information Security Management Act (FISMA) Required formal infosec operations for federal gov’t. Requires that government agencies include the activities of contractors in their security management programs.

Question 35

HIPPA

Answer 35

Health Insurance Portability and Accountability Act

Question 36

COPPA

Answer 36

Children’s Online Privacy Protection Act was designed to protect children under age 13

Question 37

ECPA

Answer 37

Electronic Communications Privacy Act (ECPA) prohibits a third party from intercepting or disclosing communications without authorization

Question 38

ISO 27001

Answer 38

Standards for an Information Security Management System (ISMS)

Question 39

ISO 27002

Answer 39

Code of Practice for information security controls

Question 40

ISO 27701

Answer 40

Privacy Information Management System (PIMS).

Question 41

ISO 31000

Answer 41

Risk Management Framework

Question 42

SSAE

Answer 42

Statements on Standards for Attestation Engagements (SSAE) SSAE 18 is an audit standard to enhance the quality and usefulness of System and Organization Control (SOC) reports.

Question 43

CAC

Answer 43

Common Access Card

Question 44

PIV

Answer 44

personal identity verification

Question 45

CRL

Answer 45

Certificate revocation list (CRL) Contains information about any certificates that have been revoked by a subordinate CA due to compromises to the certificate or PKI hierarchy

Question 46

OCSP

Answer 46

Online Certificate Status Protocol Offers a faster way to check a certificate’s status compared to downloading a CRL. With OCSP, the consumer of a certificate can submit a request to the issuing CA to obtain the status of a specific certificate.

Question 47

CSR

Answer 47

Certificate signing request cords identifying information for a person or device that owns a private key as well as information on the corresponding public key.

Question 48

Stapling

Answer 48

method used with OCSP, which allows a web server to provide information on the validity of its own certificate.

Question 49

Pinning

Answer 49

method designed to mitigate the use of fraudulent certificates. Once a public key or certificate has been seen for a specific host, that key or certificate is pinned to the host

Question 50

Tracks the movement of evidence through its collection, safeguarding, and analysis lifecycle.

Answer 50

Chain of Custody