Which principle of information security is mainly concerned with preventing unauthorized disclosure of information?
- Availability
- Confidentiality
- Integrity
- Non-repudiation
The principle of 'Confidentiality' in information security focuses on preventing unauthorized disclosure of information. It ensures that sensitive data is protected from unauthorized access and disclosure. Upholding confidentiality is crucial for safeguarding sensitive information and maintaining the trust of users and stakeholders in the security measures implemented. Understanding and applying confidentiality measures is fundamental in information security.
__________________________________________________
How does a Network-Based Intrusion Detection System (NIDS) differ from a Host-Based IDS (HIDS)?
- HIDS focuses on the security of individual devices
- HIDS is less effective in detecting unauthorized access
- NIDS monitors network traffic for suspicious activities
- NIDS requires agents on each device for monitoring
The primary distinction lies in the scope of monitoring. NIDS operates at the network level, analyzing traffic for signs of intrusion across multiple devices. In contrast, HIDS focuses on the security of individual devices, employing agents on each system to detect and respond to local threats. Understanding these differences is crucial for deploying effective intrusion detection strategies tailored to specific security requirements.
__________________________________________________
In BCM, what is the primary focus of a 'Crisis Communication Plan'?
- Ensuring employee safety during a crisis
- Facilitating communication with the media
- Maintaining regular business operations during a crisis
- Providing technical support during a crisis
The primary focus of a Crisis Communication Plan in Business Continuity Management (BCM) is ensuring employee safety during a crisis. This plan outlines communication strategies to keep employees informed, address concerns, and provide guidance on safety measures. Effective communication fosters a sense of security, promotes orderly response, and contributes to overall resilience in the face of unexpected events.
__________________________________________________
In a DRP, what does the term 'Failback' refer to?
- Activating a backup data center
- Initial response to a disaster event
- Process of returning to normal operations after a failover
- Replicating data to an offsite location
'Failback' in a Disaster Recovery Plan (DRP) refers to the process of returning to normal operations after a failover. Failover occurs when systems switch to backup resources during a disruption. Understanding failback procedures is vital for ensuring a smooth transition back to the primary infrastructure once the crisis is resolved, minimizing downtime and optimizing resource utilization.
__________________________________________________
In disaster recovery, what does the term 'RTO' stand for?
- Recovery Time Objective
- Regulatory Technology Oversight
- Resource Tracking Overview
- Risk Tolerance
RTO stands for Recovery Time Objective, representing the targeted duration for restoring services after a disaster. It defines the acceptable downtime for specific systems or processes. Understanding RTO is crucial for planning and implementing effective disaster recovery strategies, ensuring that the organization can resume critical operations within the defined timeframe.
__________________________________________________
A ____________ attack is when a blockchain network participant modifies the network's transaction history to their advantage.
- 51%
- DDoS
- Man-in-the-Middle
- Sybil
A 51% attack occurs when a single participant or a group controls more than 50% of a blockchain network's mining power. This allows them to manipulate the transaction history, potentially leading to double-spending or other malicious activities. Understanding the concept of 51% attacks is crucial for assessing the security and decentralization of blockchain networks.
__________________________________________________
A company discovers an unknown vulnerability being exploited in its software. This vulnerability was not previously reported or documented. This is an example of a ____________.
- DDoS Attack
- Insider Threat
- SQL Injection
- Zero-Day Exploit
A zero-day exploit refers to the exploitation of a software vulnerability that is not known to the vendor or the public. In this scenario, the company is facing an attack on a vulnerability that was previously unknown, emphasizing the need for proactive security measures and rapid response to mitigate the impact of such exploits. Understanding zero-day vulnerabilities is crucial for staying ahead of potential threats.
__________________________________________________
____________ is the process of confirming that a digital identity aligns with a physical entity, typically through credential verification.
- Authentication
- Authorization
- Biometric Authentication
- Identity Verification
Identity Verification is the process of confirming that a digital identity aligns with a physical entity, typically through credential verification. This step is crucial in the authentication process, ensuring that the user claiming an identity is who they say they are. Understanding identity verification methods is essential for maintaining secure access to digital systems.
__________________________________________________
A ____________ attack involves overwhelming a system with traffic or information to make it unavailable to users.
- DDoS (Distributed Denial of Service)
- Phishing
- SQL Injection
- XSS (Cross-Site Scripting)
A Distributed Denial of Service (DDoS) attack involves overwhelming a system with a flood of traffic, making it unavailable to users. Attackers use multiple compromised systems to flood the target with traffic, causing service disruptions. Understanding DDoS attacks is crucial for implementing effective mitigation strategies and maintaining the availability of online services.
__________________________________________________
The section in a security policy that outlines disciplinary actions for policy violations is known as ____________.
- Compliance Appendix
- Enforcement Clause
- Punishment Provision
- Sanction Section
The section in a security policy that outlines disciplinary actions for policy violations is known as the Sanction Section. This part specifies the consequences or penalties individuals may face if they violate the security policy. It plays a crucial role in promoting compliance and deterring security breaches within an organization. Understanding this aspect is essential for maintaining a secure and disciplined environment.