Banking Security and Control Objectives

Questions and Answers

What is a major concern for banks when it comes to online transactions?

Security threats and risks (correct)

Profitability and revenue

Data encryption

Marketing and advertising

What is the primary objective of data confidentiality?

To protect sensitive information from unauthorised access (correct)

To reduce online security costs

To provide access to all online systems

To increase online transaction speed

What should banks evaluate when adopting an encryption solution?

The speed of the encryption process

The type of encryption algorithm to use

The cost of the encryption solution

The security requirements associated with their internet systems (correct)

What is the purpose of establishing a security strategy for banks?

To provide assurance that online login access and transactions are adequately protected and authenticated

What type of risks do banks face when conducting online transactions?

Denial of service attacks, spamming, spoofing, and other forms of malware

What is the primary purpose of encryption in banks' online systems?

To protect sensitive information from unauthorised access

What should banks consider when selecting encryption algorithms?

Algorithms that are well-established international standards

What is the most important aspect of data encryption?

The protection and secrecy of cryptographic keys

Who should have access to the cryptographic keys?

No single individual should have complete access

What determines the frequency of key changes?

The sensitivity of the data and operational criticality

What is the primary application of cryptography?

Protecting the integrity and privacy of data for a specified time

Where should the encryption security of the customer's PIN and other sensitive data be maintained?

At the application layer