Security Overview

The company network is protected by a firewall, an IDS, and tight access controls. All of the files on this protected network are copied to tape every 24 hours.

The backup solution imposed on this network is designed to provide protection for what security service?

Availability
Which of the following is not a valid concept to associate with integrity?
Control access to resources to prevent unwanted access.
Which of the following is an example of a vulnerability?
Misconfigured server
A user copies files from her desktop computer to a USB flash device and puts the device into her pocket. Which of the following security goals is most at risk?
Confidentiality
By definition, which security concept ensures that only authorized parties can access data?
Confidentiality
Cell phones with cameras and data transfer capabilities pose a risk to which security goal?
Confidentiality
By definition, which security concept uses the ability to prove that a sender sent an encrypted message?
Non-repudiation
When a cryptographic system is used to protect the confidentiality of data, what is actually protected?
Unauthorized users are prevented from viewing or accessing the resource
Your computer system is a participant in an asymmetric cryptography system. You’ve crafted a message to be sent to another user. Before transmission, you hash the message, then encrypt the hash using your private key. You then attach this encrypted hash to your message as a digital signature before sending it to the other user.

In this example, what protection does the hashing activity provide?

Integrity
Which of the following is the correct definition of a threat?
Any potential danger to the confidentiality, integrity, or availability of information or systems
Which of the following is an example of an internal threat?
A user accidentally deletes the new product designs
What is the greatest threat to the confidentiality of data in most secure organizations?
USB devices