Explain PCI DSS - CORRECT ANSWER An information security standard used to
handle credit card payments.
Explain HIPAA - CORRECT ANSWER For organizations that set a standard to
protect sensitive healthcare and patient records
Explain FISMA (Federal Information Security Management Act) - CORRECT
ANSWER Defines security standards for many federal agencies in the U.S.
Mandates government agencies to protect information systems.
Regulates federal departments in the United States.
Describe CIA triad - CORRECT ANSWER Confidentiality, Integrity, Availability - a
security concept in infosec.
Confidentiality - CORRECT ANSWER Our ability to protect our data from those
who are not authorized to view it.
Integrity - CORRECT ANSWER The ability to prevent people from changing your
data in an unauthorized or desirable manner.
Availability - CORRECT ANSWER The ability to access our data when we need it.
Describe Parkerian Hexad - CORRECT ANSWER Possession/control, Authenticity,
Utility, Confidentiality, Integrity, and Availability.
Possession/Control - CORRECT ANSWER The physical disposition of the media on
which the data is stored
Authenticity - CORRECT ANSWER Allows you to say whether you've attributed the
data in question to the proper owner or creator.
Utility - CORRECT ANSWER How useful the data is to you.
Types of attacks in CIA categories - CORRECT ANSWER C - Interception
I - Interruption, Modification, Fabrication
A - Interruption, Modification, Fabrication
Types of control - CORRECT ANSWER Physical, Logical/Technical, and
Administrative control
Physical control example - CORRECT ANSWER fences, gates, locks, guard
Logical/Technical control example - CORRECT ANSWER passwords, encryption,
firewalls, access controls, IDS
Administrative control example - CORRECT ANSWER rules, laws, policies,
procedures, guidelines
Incident Response process - CORRECT ANSWER Preparation, Detection and
analysis, Containment, Eradication, Recover, Post-incident activity.
What is Defense in depth - CORRECT ANSWER multilayered defense
What is a "Sandbox" - CORRECT ANSWER An isolated environment that protects a
set of resources
What is FTP (File Transfer Protocol) used for? - CORRECT ANSWER Used to
transfer files
What ports does FTP use - CORRECT ANSWER port 20 & 21
What is IMAP (Internet Message Access Protocol) used for? - CORRECT ANSWER
managing email.
What port does IMAP use - CORRECT ANSWER port 143