The correct answer is the "Gramm-Leach-Bliley Act." This law mandates financial institutions to disclose their information-sharing practices and safeguard customers' private data.

In the context of Content Security Policy (CSP), the 'nonce' attribute is used to prevent Cross-Site Scripting (XSS) attacks. It allows a server to generate a unique cryptographic nonce for each page load. The nonce is included in the CSP header, and the browser only executes scripts with a matching nonce, effectively blocking any unauthorized scripts from running on the page.

In penetration testing, a "Black Box" test is when the tester has no prior knowledge of the system, simulating an external attacker's approach.

The correct answer is "Log." A log contains detailed data about events and incidents, aiding in incident response, forensics, and post-incident analysis.

Sarah is considering implementing MAC (Media Access Control) filtering to control which devices can connect to the wireless network. It allows her to permit or deny devices based on their unique hardware addresses.

Layer 3, the Network layer, is primarily concerned with end-to-end communication, routing, and network security by controlling data packet routing.

This approach to managing user rights is an example of "Role-Based Access Control (RBAC)." RBAC assigns permissions based on a user's role or job function, simplifying permission management and reducing the risk of unauthorized access.

"Authorization" policies specify who can access what in a system, setting the criteria for granting access to specific resources.

One of the key principles in network security is regularly updating and patching network devices to fix vulnerabilities and security issues.

MAC address filtering allows or denies access to a network based on the unique hardware address of a device, enhancing security by controlling device access.