Security + Chapter 11 Part 3
Mobile Devices / BYOD
-Screen lock -Strong Password -Device Encryption -Remote Wipe/Sanitation -Voice Encryption -GPS Tracking -Application Control -Storage Segmentation -Asset Tracking -Device Access Control This are security measures that should be in place in which devices?
Acceptable Use Policy
A set of rules that define how to properly use a computer in a network is known as?
Application Firewall
A web server might use an _____________________ to filter common SQL injection attacks.
Lockout or Screen lock
After a certain number of attempts, the user should not be allowed to attempt any additional logons; this is called?
HIPAA (Health Insurance Portability and Accountability Act) and Gramm-Leach-Bliley Act
At the federal level, IT is governed by which two acts along with several other security-related acts?
Susceptible to attacks
Automobiles are the latest to have sophisticated systems, such as computers with complete with HDD and GPS, that makes automobiles?
Mobile devices or Mobile phones
BYOD device are also known as?
social engineering
By employing _____________ _______________________, attackers are able to gain a way to the data or the workplace through the employee.
Second Wi-Fi network (Guest network)
Companies that allow BYOD devices should allow employees to logon to the main corporate network but instead have a ________________________ that allow only personal devices t connect to that network.
Embedded Systems
Devices such as printers, smart TVs, and HVAC controls have vulnerabilities because they have their own HDD and OS, these devices are known as?
Network Segmentation
Dividing your network into segments is known as?
SCADA (supervisory control and data acquisition)
Equipment often used to manage automated factory equipment such as dams, power generators, and similar equipment are known as?
DMZ
External zones are also known as?
IDS
If you have an __________ in your DMZ, you may want to have another in your network.
Firewalls or IDS
In network segmentation the connection between each segment (routers) will also implement security features such as _______________ and __________.
Asset Tracking
Maintaining an accurate record of company-owned mobile devices is known as?
BYOD (Bring Your Own Device)
Mobile devices or mobile phones are also known as?
Internal use or Restricted
Private Information is classified as which 2?
Limited Distribution or Full distribution
Public information can be classified as which 2 types?
Acceptable Use Policy
Rules for computer use are known as?
Data Ownership
The act of having legal rights and complete control over a single piece or set of data elements in mobile devices is a sensitive issue and part of BYOD known as?
Communications, User Awareness, Education, and Online resources
The four major aspects of a security management policy are?
Embedded Systems
Used to provide computing services in a small form factor with limited processing power such as printers, smart TVs, and HVAC controls are known as?
Voice Encryption
Using encryption to mask the content of voice communications is known as?
GPS Tracking
Using the Global Positioning System (GPS) to detect the location of a portable device is known as?
BYOD devices
What devices allowed in some organizations run the risk of compromising confidential data such as photographing sensitive documents, record conversations, and acquire a great deal of sensitive data?
Data Ownership
What is a very sensitive issue with BYOD devices?
BYOD (Bring Your Own Device)/Mobile device
What refers to employees bringing their personal device in the corporate network that can pose substantial security risks?
BYOD (Bring Your Own Device)/Mobile device
What refers to employees bringing their personal devices into the corporate network environment?
Device Encryption
What security measure should be in place in mobile devices to encrypt data using a TPM just in case the device falls into the wrong hands?
Policies
What should be in place to address compromising sensitive data (photographing, recording sensitive data) in the work place with BYOD devices?
Mainframes
What type of systems tend to be more stable and less susceptible to attacks?
Application Firewalls
Which network protection filter specific application related content?
Application Firewalls
Which network protection is provides better protection for database servers or web servers than are other types of firewalls?
DMZ
Which network segment is an external zone for publicly accessible resources like a web server?
Storage Segmentation
Which security measure in mobile devices allows you to separate your work data from personal or OS data?
Asset Tracking
Which security measure in mobile devices can be as simple as a serial number etched in the device or as complex as a GPS locator?
Storage Segmentation
Which security measure in mobile devices can be used to implement whole device encryption or just encrypt the confidential data?
Application Control
Which security measure in mobile devices disables unused services?
Remote Wipe/Sanitation
Which security measure in mobile devices is a program that will allow you to send a command to a phone that will remotely clear the data on that phone?
Device Access Control
Which security measure in mobile devices limits access to who should have a mobile device which reduces risk, not every employee should have one?
Device Access Control
Which security measure in mobile devices refers to controlling who in the organization has a mobile device?
Strong Password
Which security measure in mobile devices should be in place to enter a combination of letters, numbers, and other characters to allow access to the device?
Screen lock
Which security measure in mobile devices should be in place to time out after a short period of inactivity and the screen locked with a password?
Remote Wipe/Sanitation
Which security measure in mobile devices will remotely clear data on the phone when it's stolen or going to another user?
Application Control
Which security measure is primarily concerned with controlling what applications are installed on the mobile device?
Asset Tracking
Which security measure is related to inventory control, it requires a complete and accurate list of all devices as part of mobile management?
Voice Encryption
Which security measure is used in mobile devices to encrypt transmissions, it's intended to keep the conversation secure and works by adding cryptography to the digitized conversation?
GPS Tracking
Which security measure is used to track a device by using GPS should a device be stolen, to identify it's location and allow authorities to find it?
Wrappers
Which technique involves wrapping sensitive systems with a specific control, such as having your sensitive data servers in their own network segment with their own firewall, IDS, and Antivirus protection?
Security awareness and training
Which two elements are critical to the success of a security effort that include explaining policies, procedures, and current threats to both users and management?
Struxnet virus
Which virus was used to target SCADA equipment?
