Questions and Answers
Which NIST Special Publication forms the basis for FISMA and FedRAMP?
- NIST SP 800-53 (correct)
- NIST SP 800-39
- NIST SP 800-37
- NIST SP 800-30
What is physical security's most important concern?
- Ensuring availability
- Protecting people (correct)
- Protecting data
- Preventing unauthorized access
What type of physical access control might you put in place to block access to a vehicle?
- Visitor badges
- Biometric authentication
- Surveillance cameras
- Security landscaping (correct)
Can you give an example of how a living organism might constitute a threat to your equipment?
Which category of physical control might include a lock?
How can embedded devices impact the physical world?
What solutions might you use to prevent a mobile device from being jailbroken?
What does the principle of authenticity refer to?
What does possession or control refer to in the Parkerian hexad?
What is the final leg of the CIA triad?
Which principle of the Parkerian hexad is not necessarily binary in nature and can have a variety of degrees of utility?
What type of attack primarily targets the confidentiality of data?
What is data at rest?
What type of data is protected by encryption while it is in motion?
Which type of attack involves manipulating the processes to prevent access to data, resulting in the possible loss or corruption of data?
What type of attack involves tampering with an asset and can be considered attacks on integrity and availability?
In what type of attack would altering the configuration of a web server to change how it deals with encrypted connections be considered a confidentiality attack?
How can confidentiality be compromised?
What does integrity refer to?
How can utility be enforced in data?