CYBER SECURITY HW 1 QUESTIONS AND ANSWERS 100% CORRECT!!

(T/F) Security controls must be technical in nature - ANSWER False (T/F) - If a vulnerability exists in a system, it may not result in a successful attack - ANSWER True Authentication answers the question... - ANSWER "is it really you?" What type of threat - Theft of government employee records from the Office of Personal Management - ANSWER Confidentiality What type of threat - Manipulation of a bank's database to change account balances - ANSWER Integrity What type of threat - Cryptoblocker malware that encrypts a victim's hard drive and demands a ransom to decrypt - ANSWER Availability What category policy intervention - data breach legislation requires that organizations notify customers when they lose their data - ANSWER Information disclosure Fundamental information security goals - ANSWER Integrity Confidentiality Avaiability (T/F) Best practice for protecting passwords from data breaches dictates that passwords should always be encrypted - ANSWER False Which of the following statements about Cryptographic salts are true? - ANSWER Salting a password before computing the hash helps thwart offline dictionary attacks Salts should be stored unencrypted in the password table According to the NIST guidelines, which is not required? - ANSWER Require users to change passwords at regular intervals (T/F) Authentication is the fundamental challenge of security engineering - ANSWER False - it is authorization