Podcast
Questions and Answers
What is the difference between a vulnerability and a threat?
What is the difference between a vulnerability and a threat?
- D. A vulnerability is the actual exploitation of a weakness, while a threat is the potential for a weakness to be exploited
- B. A vulnerability is the potential for a weakness to be exploited, while a threat is the actual exploitation of a vulnerability
- C. A vulnerability is a weakness that can be exploited, while a threat is a weakness that can potentially be exploited
- A. A vulnerability is a weakness that can be exploited, while a threat is the potential for a vulnerability to be exploited (correct)
If the web servers in your environment are based on Microsoft's Internet Information Services (IIS) and a new worm is discovered that attacks Apache web servers, what do you not have?
If the web servers in your environment are based on Microsoft's Internet Information Services (IIS) and a new worm is discovered that attacks Apache web servers, what do you not have?
- C. Threat (correct)
- D. Mitigation
- B. Exploit
- A. Vulnerability
What is the difference between verification and authentication of an identity?
What is the difference between verification and authentication of an identity?
- B. Verification confirms the validity of the credentials provided, while authentication confirms the identity of a person (correct)
- A. Verification confirms the identity of a person, while authentication confirms the validity of the credentials provided
- C. Verification and authentication are interchangeable terms
- D. Verification and authentication are not related to identity
What do you call the process in which the client authenticates to the server and the server authenticates to the client?
What do you call the process in which the client authenticates to the server and the server authenticates to the client?
A key would be described as which type of authentication factor?
A key would be described as which type of authentication factor?
If you're using an identity card as the basis for your authentication scheme, what steps might you add to the process to allow you to move to multifactor authentication?
If you're using an identity card as the basis for your authentication scheme, what steps might you add to the process to allow you to move to multifactor authentication?
Name three reasons why an identity card alone might not make an ideal method of authentication.
Name three reasons why an identity card alone might not make an ideal method of authentication.
Based on the Parkerian hexad, what principles are affected if you lose a shipment of encrypted backup tapes that contain personal and payment information for your customers?
Based on the Parkerian hexad, what principles are affected if you lose a shipment of encrypted backup tapes that contain personal and payment information for your customers?
If the web servers in your environment are based on Microsoft's Internet Information Services (IIS) and a new worm is discovered that attacks Apache web servers, what do you not have?
If the web servers in your environment are based on Microsoft's Internet Information Services (IIS) and a new worm is discovered that attacks Apache web servers, what do you not have?
A key would be described as which type of authentication factor?
A key would be described as which type of authentication factor?
Which authentication factors might you want to avoid in an environment with a larger number of disabled or injured users, such as a hospital?
Which authentication factors might you want to avoid in an environment with a larger number of disabled or injured users, such as a hospital?
