Antivirus software is commonly used to scan a computer system for known malware signatures. It compares files and activities on the computer to a database of known malware signatures to detect and remove malicious software.

"Stateful inspection" in firewalls refers to the method of tracking the state of active connections and making decisions based on the context of the traffic, enhancing security by understanding the state of network connections.

Defense-in-Depth is a security strategy that advocates implementing multiple layers of security measures. This approach helps to provide redundancy and ensure that even if one layer is breached, other layers can still protect the system. Single Sign-On, Two-Factor Authentication, and Encryption are important security concepts but not the same as Defense-in-Depth.

When an IDS generates an alert for non-malicious activity, it's called a 'False Positive,' indicating a potential security concern that is, in fact, benign.

This technique is called "baiting." It involves leaving a device (in this case, a malware-infected USB drive) in a location where someone may find it and plug it into a computer out of curiosity. Once connected, the malware can infect the victim's computer.

Ethical hackers should ideally have Standard User permissions. Giving them full access could lead to unintended consequences, while having no access impedes their work. Standard User access provides a balance of access for testing without causing harm.

The GDPR (General Data Protection Regulation) primarily pertains to the protection of personal data for citizens of the European Union. It is a comprehensive data protection law that sets strict standards for how organizations handle personal data of EU residents, regardless of where the organization is based.

They are likely implementing the RSA (Rivest-Shamir-Adleman) encryption system. RSA is a widely used public-key encryption system where each participant has a pair of keys: a public key for encryption and a private key for decryption. This ensures secure data transmission and is often used in secure communications and digital signatures.

DES (Data Encryption Standard) is an encryption algorithm that was once considered very secure but is now deemed vulnerable due to advances in computing power. It has been replaced by more secure algorithms like AES.

Security awareness training is not typically a direct part of an incident response plan but rather a proactive measure to educate employees about security best practices. An incident response plan focuses on how to react to and mitigate security incidents after they occur.