verified answers
A company developing and distributing open source applications realizes that
attackers are copying the publicly available, open source code and inserting
malware into the code.
Which type of cryptographic tool should the company use to protect the integrity
of its open source applications? Ans✓✓✓-Hash functions
A malicious actor has breached the firewall with a reverse shell. Which side of the
CIA triad is most affected?
A. Availability
B. Confidentiality
C. Authentication
D. Integrity Ans✓✓✓-B. Confidentiality
A tornado destroyed a data center. Which side of the CIA triad is most affected?
A. Authenticity
B. Availability
C. Utility
D. Integrity Ans✓✓✓-B. Availability
A user changes a number in a dataset with a typo. Which side of the CIA Triad is
most affected?
A. Availability
B. Confidentiality
C. Authentication
D. Integrity Ans✓✓✓-D. Integrity
AES Ans✓✓✓-Advanced Encryption Standard, a symmetric 128-bit block data
encryption technique
After considerable research, attackers directed a spear phishing attack at
employees at a single bank. One employee opened a message, resulting in a
breach that delivered ransomware.
Which type of control should be implemented to prevent future spear phishing
attacks? Ans✓✓✓-employee training
An Example of Symmetric Ans✓✓✓-AES
An organization employs a VPN to safeguard its information.
Which security principle is protected by a VPN? Ans✓✓✓-Data in motion.
Apply the principle of least privilege Ans✓✓✓-Only HR staff can access employee
personal information
Asymmetric Cryptography Ans✓✓✓-In this type of cryptography, a key pair (a private
key and a public key) is used. The private key is kept secret and the public key is
widely distributed. (Only you have the private key)
Asymmetric Types Ans✓✓✓-RSA
Bell-LaPadula Model Ans✓✓✓-A combination of DAC and MAC, primarily
concerned with the confidentiality of the resource. Two security properties define
how information can flow to and from the resource: the simple security property
and the * property (Can't read higher & can't write lower)
Biba Model Ans✓✓✓-Primarily concerned with protecting the integrity of data,
even at the expense of confidentiality.
- 2 security rules: the simple integrity axiom and the * integrity axiom (No read
down, no write up)
Brewer and Nash Model Ans✓✓✓-This model allows for dynamically changing
access controls that protect against conflicts of interest. Also known as the
Chinese wall model.
Buffer overflows Ans✓✓✓-Insertion of malicious code into memory by
overrunning buffers outside of their assigned memory space.
Caesar Cipher Ans✓✓✓-a technique for encryption that shifts the alphabet by
some number of characters
Certificates Ans✓✓✓-Digitally signed electronic documents that bind a public key
with a user identity.