In BCM, how is 'supply chain continuity' managed for critical business operations?
- Establishes alternate suppliers and diversifies supply sources
- Focuses solely on internal production capabilities
- Relies on insurance coverage for supply chain disruptions
- Shifts the entire supply chain to a single vendor
Managing supply chain continuity in Business Continuity Management (BCM) involves establishing alternate suppliers, diversifying supply sources, and creating redundancy in the supply chain. This approach helps mitigate the impact of disruptions and ensures the availability of critical resources. Understanding supply chain continuity is essential for organizations to maintain critical business operations even in the face of external disruptions.__________________________________________________
The ____________ principle in cybersecurity suggests that systems should default to secure states in the event of a failure.
- Defense in Depth
- Fail-Safe
- Least Privilege
- Principle of Least Astonishment
The fail-safe principle in cybersecurity advocates that systems should default to secure states when there is a failure or unexpected event. This approach helps minimize potential vulnerabilities and ensures that even in adverse conditions, systems maintain a secure posture. Familiarity with the fail-safe principle is essential for designing resilient and secure systems in the face of unexpected failures.__________________________________________________
Which wireless security protocol replaced WEP due to its stronger security features?
- AES (Advanced Encryption Standard)
- TKIP (Temporal Key Integrity Protocol)
- WPA (Wi-Fi Protected Access)
- WPA2 (Wi-Fi Protected Access 2)
WPA2 replaced WEP as it offers stronger security features, including the use of AES encryption. WEP had vulnerabilities that made it susceptible to attacks, and WPA2 addressed these issues. Understanding the evolution of wireless security protocols is essential for configuring secure Wi-Fi networks and preventing unauthorized access.__________________________________________________
A healthcare provider is implementing new technologies for storing patient data. To comply with privacy laws, they must focus on ____________.
- Data Backup and Recovery
- Data Encryption
- HIPAA Compliance
- Patient Consent and Confidentiality
Healthcare providers storing patient data must focus on HIPAA compliance to ensure patient privacy and confidentiality. HIPAA outlines specific regulations and standards for protecting healthcare information. This includes implementing measures such as data encryption, regular data backups, and ensuring patient consent while maintaining confidentiality as mandated by the law.__________________________________________________
What is the main difference between IPv4 and IPv6 addressing schemes?
- IPv4 uses 128-bit addresses
- IPv4 uses 32-bit addresses
- IPv6 uses 128-bit addresses
- IPv6 uses 32-bit addresses
The main difference lies in the address length. IPv4 addresses are 32 bits long, limiting the number of available addresses and leading to address exhaustion. IPv6, on the other hand, uses 128-bit addresses, significantly expanding the address space. This change addresses the limitations of IPv4 and provides a vast number of unique addresses, essential for the growing number of devices connected to the Internet.__________________________________________________
What does an Intrusion Prevention System (IPS) do in addition to the functionalities of an IDS?
- Blocks or mitigates detected malicious activities
- Monitors network traffic for anomalies
- Provides real-time analysis of log files
- Sends alerts for potential security incidents
An Intrusion Prevention System (IPS) goes beyond the functionalities of an Intrusion Detection System (IDS) by actively blocking or mitigating detected malicious activities. While an IDS focuses on monitoring and alerting, an IPS takes proactive measures to prevent and stop security threats in real-time. Understanding the additional proactive role of an IPS is essential for enhancing network security against evolving cyber threats.__________________________________________________
In secure coding, ____________ refers to the process of examining the code for patterns that may indicate security flaws.
- Code Obfuscation
- Code Signing
- Dynamic Application Security Testing (DAST)
- Static Code Analysis
Static Code Analysis involves examining source code without executing the program. This process identifies potential security flaws by analyzing code patterns and structures. It is a crucial step in secure coding practices, allowing developers to catch vulnerabilities early in the development lifecycle. Understanding static code analysis is essential for building robust and secure software applications.__________________________________________________
Which phase of a vulnerability assessment involves identifying the potential impact of an exploit?
- Enumeration
- Exploitation
- Risk Analysis
- Scanning
The risk analysis phase in vulnerability assessment involves evaluating the potential impact of an exploit. This includes assessing the severity and consequences of identified vulnerabilities, helping prioritize remediation efforts. Recognizing the role of risk analysis is essential for making informed decisions in addressing vulnerabilities and minimizing potential risks to the organization's information systems.__________________________________________________
Which current encryption algorithm is considered potentially vulnerable to quantum computing attacks?
- AES
- DES
- RSA
- SHA-256
RSA, a widely used public key encryption algorithm, is considered potentially vulnerable to quantum computing attacks. The vulnerability lies in the ability of quantum computers to efficiently perform integer factorization, compromising the security of RSA's key generation. Identifying algorithms susceptible to quantum threats is vital for transitioning to quantum-resistant cryptographic solutions.__________________________________________________
____________ is a critical aspect in IoT security, focusing on protecting the device's physical interfaces and hardware.
- Behavioral Analysis
- Network Segmentation
- Physical Security
- Secure Boot
Physical security in IoT involves safeguarding the device's physical components and interfaces from unauthorized access or tampering. This includes measures such as secure enclosures and tamper-evident seals. Understanding the importance of physical security is vital for building robust IoT systems that defend against both cyber and physical threats to device integrity.__________________________________________________