CISSP
🇬🇧
In English
In English
Practice Known Questions
Stay up to date with your due questions
Complete 5 questions to enable practice
Exams
Exam: Test your skills
Test your skills in exam mode
Learn New Questions
Manual Mode [BETA]
The course owner has not enabled manual mode
Specific modes
Learn with flashcards
multiple choiceMultiple choice mode
SpeakingAnswer with voice
TypingTyping only mode
CISSP - Leaderboard
CISSP - Details
Levels:
Questions:
200 questions
| 🇬🇧 | 🇬🇧 |
| Parameter Checking is used to help prevent buffer overflow attacks, not to enforce process isolation. | All of the following can be used to enforce process isolation EXCEPT - Naming Distinctions - Time Multiplexing - Encapsulating Objects - Parameter Checking |
| Encryption is provided. MPLS does not natively include encryption services. | What is NOT true regarding MPLS? - QoS is provided - Packet labeling is provided - Traffic engineering is provided - Encryption is provided |
| TCP sequence number attack exploits the communication session that is created between two hosts. | Which attack is used to hijack a communication session between two devices? - Sniffer attack - TCP sequence number attack - Ping of Death attack - DNS poisoning |
| It provides confidentiality but not authenticity or non-repudiation. One of the strengths of asymmetric cryptography is its ability to provide confidentiality, authentication, and non-repudiation. | Which statement is NOT true in relation to asymmetric cryptography? - It has better key distribution than symmetric systems - It provides confidentiality but not authenticity or non-repudiation - It works much more slowly than symmetric keys - It has better scalability than symmetric systems |
| Linear cryptanalysis is a variation of the known plaintext attack that works against block ciphers. It employs affine transformation approximations to deduce the cipher's exact behavior. | Which type of cryptographic attack relies on the study of an affine transformations to deduce the cipher's exact behavior? - Differential cryptanalysis - Side-channel attack - Linear cryptanalysis - Algebraic attack |
| DCOM. | What would you choose to counteract covert channels? - Emanation - Scrubbing - DCOM - EMSEC |
| To store and process cryptographic keys. TPM is a cryptoprocessor chip used to store and manage digital encryption keys. | What is the purpose of the Trusted Platform Module (TPM)? - To improve fault tolerance by adding redundant components - To limit the actions of users based on their privileges - To host multiple operating systems on a single host computer - To store and process cryptographic keys |
| It helps maintain the integrity of data using the simple integrity axiom and the *-integrity axiom. AKA the no write up rule, specifies that a subject or process cannot write data to an object at a higher integrity level | What statement describes the Biba Security model? - It separates data into high protection data called constrained data items (CDI's) - It ensures that actions at higher security levels do not interfere with actions at lower security levels - It helps maintain the integrity of data using the simple integrity axiom and the *-integrity axiom - It helps protect the confidentiality of data using the *-property rule and the strong start property rule |
| Keys used for encryption and decryption are mathematically related. They use two different, but mathematically related, static keys. | What statement about asymmetric key encryption is true? - Asymmetric key encryption is faster than symmetric key encryption - DSA is an asymmetric key algorithm that can only be used for encryption - Keys used for encryption and decryption are mathematically related - Asymmetric key encryption can only be used to provide confidentiality |
| Encountering an error message indicates a failed test. | Which statement does not apply to misuse case testing? - Encountering an error message indicates a failed test - Invalid information is entered to determine how it is handled by the application - It is used to identify weaknesses in an application - the goal is to prevent application crashes |
| Enumeration. This is the second step in the penetration test methodology and builds on the information gathered during the discovery phase and is specifically directed at the targeted systems, applications, and networks. | Which step of a penetration test involves performing port scans to discover information about a target? - Exploitation - Enumeration - Reconnaissance - Vulnerability mapping |
| Using a software program. Using automated tools ensures that the process of collecting, analyzing, and reporting the information is consistent and efficient. | How should the security information that is captured by an organization's information security continuous monitoring (ISCM) program be collected, analyzed, and reported upon? - By the network administrator - By the end user - Using a software program - By the security administrator |
| Accountability. Monitoring, auditing, and logging ensure that users are accountable for their actions within an organization. | Monitoring, auditing, and logging provide which measure within an organization? - Accountability - Availability - Confidentiality - Integrity |
| Minimize downtime and recovery costs. | You are performing a BCP through a BIA. During this process, you should strive for which goal? |
| Temporal isolation. AKA time-based access control is often used in conjunction with other authentication methods, particularly role-based access control (RBAC). | What technique is used to extend the capability of a role-based access control mechanism? - Temporal isolation - Scrubbing - Polyinstantiation - Asset valuation |
| Attribute Based Access Control (ABAC). | Which access control model allows administrators to create policies using plain language statement? - Role Based Access Control (RBAC) - Attribute Based Access Control (ABAC) - Rule-Based Access Control - Discretionary Access Control (DAC) |
| Ensure transactions are canceled if the Internet connection is lost. | You have been tasked with testing the internal interfaces of an application. Which test should you include in your testing strategy? - Verify that the application is compatible with the network connections - Verify that the communications between the server application and the database server are functioning properly - Ensure all supported web browsers have been tested to verify that they are all functioning properly - Ensure transactions are canceled if the Internet connection is lost |
| CCMP. WPA2 uses AES (128 bit) and Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP) for wireless data encryption. | You are planning to implement the 802.11i wireless standard for your WLAN environment. You want to ensure that your network is secure. Which encryption method should you use if you implement WPA2? - TKIP - 802.1X - CCMP - EAP |
| Watermarking. Watermarking involves embedding copyright information or a hidden message in the content. | Which DRM software method is mainly used to monitor and track content? - ASIC-based security - IMEI number - Watermarking - Steganography |
| Signature-based intrusion detection system. This uses accumulated knowledge to determine if an attack occurs. | You have been tasked with implementing IDS that uses predefined knowledge to determine if an attack is occurring. Which option represents the BEST system to meet these requirements? - Statistical anomaly-based intrusion detection system - Host-based intrusion detection system - Signature-based intrusion detection system - Network-based intrusion detection system |
| Infrastructure as a Service (IaaS). IaaS is the most flexible cloud computing model that allows an organization to quickly scale up new software or data-based services without installing the required hardware. | Which cloud computing model is highly scalable and provides deployment automation? - Software as a Service (SaaS) - Platform as a Service (PaaS) - Infrastructure as a Service (IaaS) - Security as a Service (SECaaS) |
| Wardialing. | The network administrator for your company has asked you to provide a report on the number of unaccounted for modems attached to the network. What should you do to accomplish this? - Wardriving - Packet sniffer - Piggybacking - Wardialing |
| Target acquisition involves investigating and gathering intelligence to identify possible targets. Methods used to helped prevent target acquisition include performing network address translation, securing directory databases, using hidden directory paths, and using unique usernames for privileged accounts. | Security attacks typically follow four steps that include target acquisition, analysis, access, and appropriation. You have decided to use hidden directory paths to help prevent attacks. Which step of an attack does this help prevent? - Target analysis - Target appropriation - Target access - Target acquisition |
| Hash-based Message Authentication Code (HMAC). HMAC provides data origin authentication, but fails to provide data confidentiality. | The following steps are performed to send a message to another user: 1. The message runs through a hashing algorithm, which generates a MAC value. 2. The MAC value is appended to the message by the sender and sent to the receiver. 3. The receiver accepts the message and adds their secret key to the message before an algorithm generates an independent MAC value for the message. 4. The receiver compares the two MAC values to see if they are the same. Which type of message authentication method is being described? |
| Transition plans for replacing outdated keys. The goverance of cryptographic algorithms and systems should address the following at minimum: - Transition plans for replacing outdated algorithms and keys - Procedures for the use of cryptographic systems - Approved cryptographic algorithms and key sizes - Key generation, escrow, and destruction guidelines - Incident reporting guidelines | Which option should be addressed by the governance of cryptographic algorithms and systems at a minimum? - The top web application security flaws and how they can be mitigated - Industry-recommended cryptographic algorithms - Transition plans for replacing outdated keys - All keys that have been issued by the system |
| Maintain It. | What should you do after a security awareness program is implemented? |
| Practicing Due care. Due care means that the organization takes responsibility for its actions and takes the necessary steps to protect itself from any possible risks. | To which legal and regulatory requirement are all organizations subject? |
| They can involve a memory location being shared between two different individuals with different security levels. | Which statement about covert storage channels is true? - The are less efficient than covert timing channels - They can involve a memory location being shared between two different individuals with different security levels - They are the only type of covert channel that can be used to access sensitive information - They rely on being able to influence the rate other processes are able to acquire CPU, memory, and I/O resources. |
| Covert channel. A wireless covert channel is an unsecured, unknown wireless communication channel within a network. | What can be caused by a rogue access point within an organization's network? - Man-in-the-middle attacks - Inference - Covert channel - Eavesdropping |
| Cleanroom. The cleanroom model is a process used for the development of high-quality software and puts an emphasis on the earlier phases of the model. | Which non-iterative software development model attempts to ensure quality by spending more time in the earlier phases of the model, such as design? - Structured Programming Development - Spiral - Waterfall - Cleanroom |
| Top Secret. Unauthorized disclosure of the laser blueprints would cause damage to national security beyond serious damage. | The military has blueprints for a new laser weapon capable of shooting missles out of the air that will be outfitted on their naval ships. Which Data classification is being discussed? - Sensitive but unclassified - Secret - Top Secret - Unclassified |
| Private. Private is a typical business classification level that applies to employee or customer data. | To which business classification level is credit card information typically addressed? - Secret - Private - Public - Confidential |
| Overwriting. Overwriting the sectors that sensitive data was stored in will provide a certain level of assurance that the sensitive data cannot be retrieved. | Which method is commonly used to remove remnants of sensitive financial data from media before the media is reused with an organization? - Overwriting - Shredding - Formatting - Degaussing |
| The Safe Harbor framework. | Laws designed to protect individuals' privacy have been created worldwide. However, different approaches have been adopted by the various countries. Which of the following was created by the U.S. Department of Commerce in consultation with the European Commission to bridge the differences in approaches? - The 1948 Universal Declaration of Human Rights - The 1980 Guidelines Governing the Protection of Privacy and Transborder Data Flows of Personal Data - The Lisbon Treaty - The Safe Harbor framework |
| Control analysis. | Which risk management concept involves using a security requirements checklist as a best practice? - Control analysis - Monitoring - Reporting - Continuous Improvement |
| RDP. Remote Desktop Protocol (RDP) can be used to encrypt the transmission channel, thus securing the data in transit. | You need to provide users with a method for making secure remote connections to their Windows computers. Which technology should you deploy to the users? - Telnet - SSH - VNC - RDP |
| Ciphertext-only attacks. A ciphertext-only attack happens when an attacker has only encrypted data or ciphertext to work with. It's easy to initiate because all that is needed is a single piece of ciphertext. It's very difficult to produce results though because so little information is known abut the encryption process. | Which active cryptographic attack is EASIEST to initiate, but is the MOST difficult to actually produce results? - Known-plaintext attacks - Chosen-ciphertext attacks - Chosen-plaintext attacks - Ciphertext-only attacks |
| Java. | Which programming language contains the sandbox and garbage collection security features? - JavaScript - C - COBOL - Java |
| 194. | Due to security concerns with the Internet Relay Chat (IRC) application, you need to prevent IRC traffic from entering your network. Which port number do you need to block on your firewalls? - 53 - 22 - 143 - 194 |
| Fraggle Attack. A fraggle attack uses UDP messages that are modified to appear to have the source address of the system being targeted. | Which type of attack uses spoofed UDP packets in an attempt to overwhelm a target system? - Fraggle attack - Teardrop attack - Smurf attack - SYN flood attack |
| Smart Lock. This is because they can track the people who use them. | Which type of lock allows for a certain amount of individual accountability? |
| Data Link- PPP Application- Telnet Presentation- JPEG Transport- SSL/TLS Session- SQL, RPC | Which protocols or services are used at different layers of the OSI model layer? Match the protocols or services to the appropriate layer. Layers- Data Link, Application, Presentation, Transport, Session Protocols/Services- JPEG, SSL/TLS, PPP, Telnet, SQL, RPC |
| Stores and backs up information for the information owner - Information Custodian Ultimately responsible for defending information assets - Executive Management Manages and reviews the company's security policies and procedures - Security officer Follows the organization's security policies - End user Creates accounts and adds access permissions for users that require access to data, applications, or systems - Security administrator | Which security roles match each security responsibility description? Responsibility Descriptions- Stores and backs up information for the information owner, Ultimately responsible for defending information assets, manages and reviews the company's security policies and procedures, follows the organization's security policies, creates accounts and adds access permissions for users that require access to data, applications, or systems. Roles- Security officer, Executive management, Security Administrator, End user, Information custodian |
| Isolated PVLAN. It is a secondary VLAN that exists inside the primary VLAN. Nodes attached to the isolated PVLAN are able to send packets to, and receive packets from, ports in the promiscuous PVLAN only. | Which component of private virtual local area network (PVLANs) is only capable to send packets to, or receive packets from, ports in the promiscuous PVLAN? - Isolated PVLAN - Promiscuous PVLAN - Community PVLAN - Primary PVLAN |
| Gives organization the flexibility to tailor the framework to their own needs - NIST SP 800-53 Comprises a set of 34 high-level processes and 214 control objectives to support these processes - COBIT Identifies five areas of internal control that must be present for data integrity in financial reporting and disclosure - COSO Contains best practices for IT processes that enable high levels of availability, confidentiality, and data integrity - ITIL | Which security control frameworks match each framework description? Frameworks- NIST SP 800-53, ITIL, COBIT, COSO Description- Gives organization the flexibility to tailor the framework to their own needs, Comprises a set of 34 high-level processes and 214 control objectives to support these processes, Identifies five areas of internal control that must be present for data integrity in financial reporting and disclosure, Contains best practices for IT processes that enable high levels of availability, confidentiality, and data integrity |
| It is typically applied by the end user. | Data can be protected while it is in transit using either link encryption or end-to-end encryption. Each method functions differently. Which statement is true regarding end-to-end encryption? - It is typically applied by the end user - It is possible for an attacker to see a message in clear text format as it travels across the network - It encrypts the data and the routing information - It provides better traffic confidentiality |
| FFIEC. The Federal Financial Institutions Examination Council (FFIEC) provides a booklet on creating business continuity plans. | Which of the following emphasizes resuming and maintaining business operations in financial institutions after a disaster? - NYSE Rule 446 - NASD Rule 3510 - Electronic Funds Transfer Act - FFIEC |
| Parallel test. The parallel test involves testing how the processes will run at the offsite facility and comparing them to the original site, making changes as necessary. | You need to test the organization's BCP to ensure its suitable. You need to verify that the mission critical systems can function at the alternate processing site. Which type of test is the FIRST to perform an actual recovery at the alternate processing site? - Simulation - Parallel test - Structured walk-through - Full interuption |
| Negative. Negative testing is called misuse testing. It is typically performed by entering invalid information to identify how it is handled by the application. | You have been tasked with testing a web application by attempting to access a secure web page without logging in. Which type of test do you need to perform? - Statement coverage - Regression - Path coverage - Negative |
| Determine whether the backups were successful. | What is the LAST step that you should include in any backup plan? - Determine what type of backup media you will require - Determine where you should store the backup media and how long you should store it there. - Determine what data you will need to back up - Determine whether the backups were successful |
| The mitigations must be tested by an independent group. | Steps have been taken to mitigate risks found during an assessment of custom software installed on one of the organization's servers computers. What step must be taken before the risk can be declared as mitigated? - The risks are considered mitigated once the proper controls have been put in place to deal with the risk - The developers of the custom software must sign off on the implemented mitigations - The owner of the server computer must sign off on the implemented mitigations - The mitigations must be tested by an independent group |
| A process used to protect against the accidental or deliberate introduction of harmful modifications to code or systems. | What option BEST describes the change management process? - A formal process that ensures requested changes are implemented by the most qualified individuals - A process used to ensure that accidental changes do not occur within an organization's code of ethics - A process used to protect against the introduction of harmful patches to an organization's software. - A process used to protect against the accidental or deliberate introduction of harmful modifications to code or systems |
| Auditing. Security managers can perform log reviews, account monitoring, backup verification, and review key performance indicators (PKI). | Identify an administrative duty that is not part of the security management review. - Account management - Key performance and risk indicators - Backup verification - Auditing |
| Determining the cost savings of implementing the asset is one of the ways of determining the cost of an intangible asset, not a tangible asset. | These are tangible assets and there are intangible assets. All of the following methods can be used to determine the value of a tangible asset EXCEPT: - Obtaining current quotes for replacement cost comparison - Subtracting the depreciation from the original asset cost - Determining the cost savings of implementing the asset - Identifying the cost of switching to an alternative solution |
| Encapsulates data but does not encrypt it - PPP Encrypts packets at the network layer - IPsec Supports remote access and site-to-site topologies - VPN Encrypts data using GRE or MPPE - PPTP Requires digital certificates and a PKI - SSL VPN Communicates over UDP port 1701 - L2TP | Match each remote connections protocols to the proper description: Protocols- PPP, IPsec, VPN, L2TP, SSL VPN, PPTP Descriptions- Encapsulates data but does not encrypt it, Encrypts packets at the network layer, Supports remote access and site-to-site topologies, Encrypts data using GRE or MPPE, Requires digital certificates and a PKI, Communicates over UDP port 1701 |
| It tracks real user sessions. This doesn't happen with synthetic monitoring and means that performance is predictable since specific steps are executed by a script at regular intervals. | Which statement is NOT true of synthetic monitoring? - It is also classed as proactive monitoring - It tracks real user sessions - It uses external agents to run scripted transactions - It has full access over the client |
| Security policies. | Which is MOST likely to be impacted by a company merger or acquisition? - Business interruption insurance - Security policies - Remote journaling - Reciprocal agreements |
| SAML. Security Assertion Markup Language (SAML) is an XML-based language often used to exchange identities between federated organizations. | Which SSO method is commonly used to share Federated identify information? - SESAME - Open ID - SAML - OAuth |
| Application Decomposition and Analysis (ADA). | The PASTA (Process for Attack Simulation and Threat Analysis) methodology has seven stages. What is the 3rd stage? |
| Session. Layer 5 Session Layer. | What layer of the OSI model is Half-Duplex mode being used for communication between two applications? - Physical - Data Link - Network - Presentation - Session |
| White Box. White box testing is performed while knowing the details of the system. | You provide a senior software tester with source code of an application and request that they perform a full test of the software. Which BEST identifies this type of test? - Sandbox - Black Box - White Box - Dynamic |
| Digital signature. | What information is contained within a SAML token? - One-way hash - Block cipher - Temporary session key - Digital signature |
| SDN northbound interface. SDN applications use the SDN northbound interface (NBI) to communicate the network requirements of SDN applications to the SDN controller. | Which component of Software Defined Networking (SDN) is used to communicate network requirements to the SDN controller? - SDN northbound interface - SDN datapath - SDN application - SDN control to data-plane interface |
| From a server's RAM. | Which location is the BEST place to collect live evidence when performing eDiscovery at a crime scene? - From a SAN - From a smartphone - From a workstation's hard drive - From a server's RAM |
| Data custodian. | Who is responsible for processing data backups? - Data custodian - Data owner - Security administrator - Information systems auditor |
| Streamlines the risk analysis process by identifying areas upon which to focus - FRAP Evaluates risks by defining and scoring the elements on a consistent scale - PUSH Uses a self-directed approach to securing an organization's assets - OCTAVE Examines potential effects of failures on three levels - FMEA | Match the risk assessment method with its description: Description- Streamlines the risk analysis process by identifying areas upon which to focus, Evaluates risks by defining and scoring the elements on a consistent scale, Uses a self-directed approach to securing an organization's assets, Examines potential effects of failures on three levels Method- FMEA, PUSH, OCTAVE, FRAP |
| LDAP. Lightweight Directory Access Protocol (LDAP) systems store information about users, network resources, file systems, and applications. | An organization requires an indentity management solution that uses a remote access authentication system to store information about users and applications. Which remote access authentication system should the organization use? - RADIUS - Diamter - TACACS+ - LDAP |
| Branching. This refers to the ability to execute different commands based on differing inputs. Due to the sheer number of potential inputs to many software programs, branching increases the level of complexity of the software product. | Which of the following increases the complexity of a software product? - Branching - SOMAP - OCTAVE - Scrubbing |
| It executes a known set of steps at regular intervals. This means that performance is predictable since specific steps are executed by a script at regular intervals. | Which statement relates to a synthetic performance-monitoring test used on a web site? - It is also classed as end user experience monitoring - It uses web-monitoring services to track availability - It obtains and assesses server side information - It executes a known set of steps at regular intervals |
| Hardware-based FDE. | What is the BEST way to secure all data at rest on a portable computer, with the LEAST impact on system performance? - Hardware-based FDE - Cloud computing - SSL - Software-based FDE |
| C2. Class C2, Controlled Access Protection, requires users to be identified individually, which makes them accountable for their actions. It also provides audit trails that can be used to track actions made by the users. | Which classification level of the Orange Book is the first to provide individual accountability by requiring login procedures and audit trails? - B1 - B2 - C2 - C1 |
| Consumers don't control any of the cloud-based assets, The CSP is responsible for maintaining the host and cloud infrastructure - SaaS The CSP is responsible for maintaining the host and cloud infrastructure - PaaS Consumers manage their applications and configuration settings on the host - PaaS The CSP is responsible for maintaining the cloud-based infrastructure - IaaS The CSP is responsible for the maintenance of all services - SaaS Consumers maintain the operating systems and applications - IaaS | Match each of the responsibilities for cloud-based assets to the relevant service model: Responsibilities- Consumers don't control any of the cloud-based assets, The CSP is responsible for maintaining the host and cloud infrastructure, Consumers manage their applications and configuration settings on the host, The CSP is responsible for maintaining the cloud-based infrastructure, The CSP is responsible for the maintenance of all services, Consumers maintain the operating systems and applications Service Models- SaaS, PaaS, IaaS |
| Implement egress and ingress filters - Spoofing attacks Set minimum password length - Brute force attacks Use OTP authentication - Dictionary attacks | Match the access control attacks with the methods for protecting against them: Methods for protecting- Implement egress and ingress filters, Set minimum password length, Use OTP authentication Attacks- Spoofing attacks, Dictionary attacks, Brute Force attacks |
| - Corporate policy - System specific policy - Issue specific policy | Name the three main types of policies that exist. |
| Acts as a Liaison between management, business, IT, and Information Security. This is actually a role of the steering committee. | Which of the following is NOT true of Senior Management Responsibilities? - Ensure testing (and that appropriate results are achieved) - Prioritize business functions (based on BIA) - Establish a common vision/strategy/framework for the enterprise - Provide funding and support - Acts as a Liaison between management, business, IT, and Information Security |
| Universal. All aspects of the organizations should be following the same universal frameworks or strategies. | Frameworks and strategies should be _______ throughout an organization. |
| Qualitative. | Subjective analysis to help prioritize probability and impact of risk events is an example of what type of risk analysis? |
| Exposure factor. | The percentage of loss that is expected to result in the manifestation of a particular risk even it known as ____. - Asset Value (AV) - Single Loss Expectancy (SLE) - Asset Value (AE) - Exposure Factor (EF) |
| Total cost of ownership (TCO). | What term describes the total cost of implementing a safeguard? - Return on Investment (ROI) - Total Cost of Ownership (TCO) - Asset Value (AV) - Exposure Factor (EF) |
| Rejection. Rejection is a risk response rather than a risk mitigation. | Which of the following is NOT a form of risk mitigation? - Reduce - Avoidance - Transfer - Accept - Rejection |
| Avoidance because it is a mitigation method that avoids the risk altogether. | Which of the following is the ultimate risk mitigation method? - Reduce - Avoidance - Transfer - Accept - Rejection |
| Risk Transfer. | SLA's and contracts are examples of which type of Risk Mitigation method? |
| Key Risk Idicator. | What does the acroynm KRI stand for? |
| Due Care. | Setting and enforcing policy to bring an organization into compliance is known as ______. |
| Employee behavior. | The goal of knowledge transfer is to modify ________. |
| Financial reporting. | What is a SOC 1 Report used for? |
| Security and Technology. | What is a SOC 2 Report used for? |
| Security and Technology but publicly available. | What is a SOC 3 Report used for? |
| SOC 3 is available to the public. They both are for Security and Technology, but a SOC 3 report is publicly available. | What is the difference between a SOC 2 and SOC 3 report? - SOC 3 is for financial reporting - SOC 3 is available to the public - SOC 2 is available to the public - SOC 2 is for security and technology |
| Simulation Test. | Which type of test goes through a disaster scenario, and continues up to the actual relocation to an offsite facility? - Checklist Test - Structured Walk-Through (Table Top) Test - Simulation Test |
| Data Owner. | Who is responsible for determining the classification of data? |
| Data Custodian. | Who maintains the data? |
| Obfuscation. | What is the process of hiding, replacing, or omitting sensitive information? - Data anonymization - Tokenization - Obfuscation - Masking |
| Data anonymization. | _______ is the process of either encrypting or removing personally identifiable information from data sets, so that the people whom the data describe remain anonymous. - Data anonymization - Tokenization - Obfuscation - Masking |
| Tokenization. | Public cloud service can be integrated and paired with a private cloud that stores sensitive data. The data sent to the public cloud is altered and contains a reference to the data residing in the private cloud. This process can be described as _______. - Data anonymization - Tokenization - Obfuscation - Masking |
| Masking. | _______ is the process of using specific characters to hide certain parts of a specific dataset (ie. displaying asterisks for all but the last 4 digits of SSN). - Data anonymization - Tokenization - Obfuscation - Masking |
| Protecting data moving to and withing the cloud. | When it comes to data security in the cloud, SSL/TLS/IPsec protocols can be described as ______. - Detection of data migration to the cloud - Protecting data in the cloud - Protecting data moving to and withing the cloud |
| Detection of data migration to the cloud. | When it comes to data security in the cloud, DAM and DLP can be described as ______. - Detection of data migration to the cloud - Protecting data in the cloud - Protecting data moving to and withing the cloud |
| Caesar Cipher. | Which type of cyrptography is a simple substitution that shifts characters 3 spaces? (ie. A=D, B=E, C=F) - Caesar Cipher - Vernam - Enigma Machine and Purple Machine - Scytale - Vignere |
| Vigenere. | What is another name for a polyalphabetic cipher which uses a key word that is agreed upon ahead of time and takes the first letter of the key and matches it up against the first letter of the message, and so on? - Caesar Cipher - Vernam Cipher - Vignere - Enigma Machine and Purple Machine - Scytale |