Note: Pardon the messiness of the questions. These questions come from my podcast and will be cleaning the questions up over the coming weeks.
Pick the best possible answer:
Answer: [d] Closed networks, when properly configured, do offer somewhat better security due to the separation/segregation from the business network. This benefit can be quickly lost, if proper security protocols and mechanisms are not enforced and maintained.
Source: ShonGerber Training Courses
Pick the best possible answer:
[d] Closed networks are mostly more secure than open networks because the ability of the attacker to circumvent the separated/segregated systems is more complex and difficult.
Explanation: Closed networks, when properly configured, do offer somewhat better security due to the separation/segregation from the business network. This benefit can be quickly lost, if proper security protocols and mechanisms are not enforced and maintained.
The Trusted Computing Base (TCB) is:
[b] The Trusted Computing Based was designed to only control and/restrict access inside TCB components.
Explanation: The TCB is considered the foundation for created secure code for both software and hardware developers. It was designed by the US Department of Defense as the Orange Book/Trusted Computer System Evaluation Criteria (TCSEC). It is designed so that systems will meet design specifications when created and developed.
What is the most advanced cryptographic key length used in the Advanced Encryption Standard?
[d] 256 bits
Fred recently received an email from Bill in his inbox. What goal would need to be achieved to ensure Fred that the email is legitimate and has not been spoofed.
What of the following as it relates to the Trusted Platform Module are true:
[c] The TPM is responsible for storing and processing the crypto keys for the system and can be in software and hardware systems
Explanation: The TPM sole purpose is considered the Trusted source within the computing system and will store and process the cryptographic security keys. Full-Disk Encryption will store the encryption keys in this location.
Select the most correct statement about the majority of Industrial Controls Systems (ICS)
[c] ICS systems are considered critical in most businesses unfortunately, they tend to lack the resources/controls needed to ensure they are properly protected.
Explanation: Industrial Control Systems and their associated networks are considered to be vital to most organizations. However, most companies cannot or do not commit enough resources to these systems protection
Is it requirement for a company to pay thousands of dollars to companies that provide vulnerability scanning products or are there open source products that are just as useful?
[a] Yes - Open source vulnerability scanning products can provide significant level of value to companies, especially if there are limited resources available.
Explanation: Open source products especially vulnerability scanning products provide significant value and should be considered, especially for small networks.
When deploying a Mobile Device Management Solution what are some key aspects to consider?
[d] All of the above
Explanation: All of these options are critical with the proper deployment of a Mobile Device Management solution.
If your organization is using the Data Encryption Standard, what is the worst key length to use and why?
[b] 56 bits - This number of bits is too small and is able to be cracked in less than 24 hours
Explanation: In 1999, the 56-bit DES key was cracked in 22 hours using technology from the era. It can be assumed that if the 56-bit DES key could be cracked even faster today.
What is the most common types of devices used to protect the perimeter of a facility.
Explanation: Lighting is the most common type of device used to protect the perimeter of a facility or building. The lighting allows for quick identification of individuals who may be attempting to gain access to your location.