Network Security Final Exam Review
20
A Preshared Key (PSK) of fewer than _______ characters may be subject to an attack if that key is a common dictionary word.
Supplicant
A RADIUS authentication server requires that the _______ be authenticated first.
For as long as it appears on the device
A TOTP token code is valid _____.
Prevent certain applications from launching that will consume too much power
A UPS can perform each of the following EXCEPT _____.
Has an initialization vector (IV) that is the same length as a WEP key of 64 bits
A WEP key that is 128 bits in length __________.
Network Intrusion Detection System (NIDS)
A _____ watches for attacks and sounds an alert only when one occurs.
Vulnerability Assessment
A ________ is a systematic and methodical evaluation of the exposure of assets to attackers, forces of nature, and any other entity that could cause potential harm.
Certificate Signing Request (CSR)
A _________ is a specially formatted encrypted message that validates the information the CA requires to issue a digital certificate.
Cable Lock
A ___________ can be used to secure a mobile device.
Hotfix
A ____________ addresses a specific customer situation and often may not be distributed outside that customer's organization.
Certificate Repository (CR)
A centralized directory of digital certificates is called a(n) __________ .
The user's identity with his public key
A digital certificate associates ____________.
Extended Validation SSL Certificate
A digital certificate that turns the address bar green is a(n) ________.
Verify the receiver
A digital signature can provide each of the following benefits EXCEPT ___________.
Stateful Packet Filtering
A firewall using _________ is the most secure type of firewall.
Deadbolt Lock
A lock that extends a solid metal bar into the door frame for extra security is the ____________.
Unified Threat Management (UTM)
A multipurpose security device is known as _______.
Subject
A process functioning on behalf of the user who attempts to access a file is known as a(n) _____.
Makes a copy of the transmission for use at a later time
A replay attack _________
Routes incoming requests to the correct server
A reverse proxy _____.
Asymmetric server cluster
A standby server that exists only to take over for another server in the event of its failure is known as a(n) _____.
Security-related human resource policy
A statement regarding due diligence would be found in which security policy?
Performing a security risk assessment
A typical configuration baseline would NOT include _____________.
Identification
A user entering her user name would correspond to the __________ action in access control.
Trojan
A user who installs a program that prints out coupons but in the background silently collects her passwords has installed a _________
Users who access a common website
A watering hole attack is directed against _______.
Intrusive Vulnerability Scan
A(n) _____ attempts to penetrate a system in order to perform a simulated attack.
Application-Aware Firewall
A(n) _____ can identify the application that sends packets and then make decisions about filtering based on it.
LDAP injection attack
A(n) _____ constructs LDAP statements based on user inputs in order to retrieve information from the database or modify its contents.
Certificate Policy (CP)
A(n) _____ is a published set of rules that govern the operation of a PKI.
Memorandum of Understanding (MOU)
A(n) _____ is an agreement between two parties that is not legally enforceable.
Operational
A(n) _____ risk control type would use video surveillance systems and barricades to limit access to secure sites.
proxy server
A(n) _______ intercepts internal user requests and then processes those requests on behalf of the users.
Digest
A(n) _________ is not decrypted but is only used for comparison purposes.
Owner
A(n) _________ is the person who is responsible for the information, determines the level of security needed for the data, and delegates security duties as required.
Virus
A(n) ____________ requires a user to transport it from one computer to another.
On-Line UPS
A(n) _____ is always running off its battery while the main power runs the battery charger.
WPA2
AES-CCMP is the encryption protocol standard used in _________.
List of remote NetBIOS names
An attacker cannot use NetBIOS to determine ______.
Integer overflow
An attacker who manipulates the maximum size of an integer type would be performing what kind of attack?
Class C
An electrical fire like that which would be found in a computer data center is known as what type of fire?
Certificate Authority (CA)
An entity that issues digital certificates is a ________.
False Positive
An event that appears to be a risk but turns out not to be one is called a _____.
Obscurity
An example of _______ is not revealing the type of computer, operating system, software, and network connection a computer uses
Diversity
An organization that purchased security products from different vendors is demonstrating what security principle?
Threat Evaluation
At what point in a vulnerability assessment would an attack tree be utilized?
Personal Area Network (PAN)
Bluetooth falls under the category of _____.
Reset to factory settings
Bob has attempted to enter the passcode for his mobile device but keeps entering the wrong code. Now he is asked to enter a special phrase to continue. This means that Bob's mobile device is configured to ________.
Can be embedded inside a webpage but add-ons cannot.
Browser plug-ins _________.
Geolocation
Creating a pattern of where a user accesses a remote web account is an example of _____.
Substitutes DNS addresses so that the computer is automatically redirected to another device.
DNS poisoning ____________.
To verify the authenticity of the Registration Authorizer
Digital certificates cannot be used ________.
Wet chemical system
Each of these is a category of fire suppression systems EXCEPT a _____.
Attack Assessment
Each of these is a step in risk management EXCEPT _____.
Operating System
Each optional feature is found on most mobile devices EXCEPT ________.
In-band Key Exchange
Elliptic Curve Diffie-Hellman (ECDH) is an example of _________.
Andragogical
For adult learners, a(n) _____ approach (the art of helping an adult learn) is often preferred.
A hoax could convince a user that a bad Trojan is circulating and that he should change his security settings.
How can an attacker use a hoax?
Logically
How does a virtual LAN (VLAN) allow devices to be grouped?
A virtualized environment is created and the code is executed in it.
How does heuristic detection detect a virus?
It discards unsolicited packets.
How does network address translation (NAT) improve security?
It takes more time to generate candidate password digests.
How is key stretching effective in resisting password attacks?
It allows secure web domains to exchange user authentication and authorization data
How is the Security Assertion Markup Language (SAML) used?
Alice's public key
If Bob wants to send a secure message to Alice using an asymmetric cryptographic algorithm, which key does he use to encrypt the message?
Captive Portal
If Cora tries to access a free public Wi-Fi at a local coffee shop that requires her to first agree to an Acceptable Use Policy (AUP) before continuing, what type of AP has she encountered?
Address Resolution Protocol (ARP) poisoning
If a device is determined to have an out-of-date virus signature file, then Network Access Control (NAC) can redirect that device to a network by _____.
Connect them to different switches and routers
If a group of users must be separated from other users, what is the most secure network design?
Fail-Open
If a software application aborts and leaves the program open, which control structure is it using?
White Box
If a tester is given the IP addresses, network diagrams, and source code of customer applications, the tester is using which technique?
Makes a request to the authenticator
In a network using IEEE 802.1x, a supplicant __________.
Server Digital Certificate
In order to ensure a secure cryptographic connection between a web browser and a web server, a(n) _____ would be used.
Is assigned a label
In the Mandatory Access Control (MAC) model, every subject and object _____.
Mandatory Access Control
In the ________ model, the end-user cannot change any security settings.
As the functional and design specifications are being developed based on the requirements
In the software development process, when should a design review be conducted?
ICMP Poisoning
Internet Control Message Protocol (ICMP) is NOT used by which kind of attacks?
Behavioral
Keystroke dynamics is an example of which type of biometrics?
Impersonation
Michelle pretends to be the help desk manager and calls Steve to trick him into giving her his password. What social engineering attack has Michelle performed?
Location services
Mobile devices using _________ are at increased risk of targeted physical attacks.
Personal Digital Assistant (PDA)
One of the first mobile devices was a _______.
Non-Repudiation
Proving that a user sent an email message is known as _____.
Are widely accepted in the industry
Public Key Cryptography Standards (PKCS) ________.
Is the management of digital certificates
Public Key Infrastructure (PKI) _____.
Perfect Forward Secrecy
Public key systems that generate random public keys that are different for each session are called _______.
Clean Desk Policy
Requiring employees to clear their workspace of all papers at the end of each business day is called _____.
Ease of use
Tablet computers are designed for _______.
Encrypts the key and the message
The Hashed Message Authentication Code (HMAC) __________.
Provides cryptographic services in hardware instead of software
The Trusted Platform Module (TPM) _________.
Third
The ________-party trust model supports CA.
Chief Information Security Officer (CISO)
The _________ is primarily responsible for assessing, managing, and implementing security
In the directory structure of the file system
The areas of a file in which steganography can hide data do NOT include ________.
MTTR
The average amount of time that it will take a device to recover from a failure that is not a terminal failure is called the _________.
Custody
The chain of _____ documents that the evidence was under strict control at all times and no unauthorized person was given the opportunity to corrupt the evidence.
Hypertext Transport Protocol (HTTP)
The preferred method today of bot herders for command and control of zombies is ________.
Evil Twin
The primary design of a(n) ________ is to capture the transmissions from legitimate users.
Least Privilege
The principle known as _________ in access control means that each user should be given only the minimal amount of privileges necessary for that person to perform his job function.
20 and 21
The protocol File Transfer Protocol (FTP) uses which two ports?
Keyed Entry Lock
The residential lock most often used for keeping out intruders is the ________.
Digital Certificate
The strongest technology that would assure Alice that Bob is the sender of a message is a(n) _____.
Single Sign-On
Using one authentication credential to access multiple accounts or applications is known as _____.
Temporal Key Integrity Protocol (TKIP)
WPA replaces WEP with _________.
Accounts Payable
What CANNOT be classified as an asset?
Health Insurance Portability and Accountability Act (HIPAA)
What act requires enterprises to guard protected health information and implement policies and procedures to safeguard it?
Reformat the web application server's hard drive
What action cannot be performed through a successful SQL injection attack?
Mobile Device Management (MDM)
What allows a device to be managed remotely?
Regulatory
What approach is NOT a part of the Simple Risk Model?
Cybercriminals
What are attackers called who belong to a network of identity thieves and financial fraudsters?
Image
What can a QR code NOT contain?
Stockholders
What cannot be classified as an "insider"?
Vapor Barrier
What cannot be used along with fencing as a security perimeter?
A protocol analyzer
What cannot be used to hide information about the internal network?
Send spam email to all users in the company on Tuesday
What could NOT be defined as a logic bomb?
Disk to Disk to Tape (D2D2T)
What data backup solution uses the magnetic disk as a temporary storage area?
Point to another area in data memory that contains the attacker's malware code
What do attackers use buffer overflows to do?
It limits devices that can connect to a switch
What does MAC limiting and filtering do?
Copies all files changed since the last full or incremental backup
What does an incremental backup do?
It separates personal data from corporate data
What does containerization do?
Redundant Array of Independent Drives
What does the abbreviation RAID represent?
Geo-Fencing
What enforces the location in which an app can function by tracking the location of the mobile device?
Intrusion Detection
What function does an Internet content filter NOT perform?
Hardware Security Module (HSM)
What has an onboard key generator and key storage facility, as well as accelerated symmetric and asymmetric encryption, and can back up sensitive material in encrypted form?
Keyboard Mapping
What is NOT a Microsoft Windows setting that can be configured through a security template?
Risk Loss
What is NOT a basic security protection for information that cryptography can provide?
Is only used by hacktivists against foreign enemies
What is NOT a characteristic of Advanced Persistent Threat (APT)?
Collisions should be rare
What is NOT a characteristic of a secure hash algorithm?
A long password
What is NOT a characteristic of a weak password?
Periodic Visual Inspections
What is NOT a characteristic of an alarmed carrier PDS?
Alerts users when a new patch cannot be found
What is NOT a function of a vulnerability scanner?
Limit access control
What is NOT a goal of information security?
Users can more easily roam from one WLAN to another.
What is NOT a limitation of turning off the SSID broadcast from an AP?
It displays the attacker's programming skills.
What is NOT a reason why adware is scorned?
Greater sophistication of defense tools
What is NOT a reason why it is difficult to defend against today's attackers?
The processors on clients are smaller than on web servers and thus they are easier to defend.
What is NOT a reason why securing server-side web applications is difficult?
Most sites force users to create weak passwords even though they do not want to.
What is NOT a reason why users create weak passwords?
Resistance
What is NOT a response to risk?
Public networks are faster than local networks and can spread malware more quickly to mobile devices.
What is NOT a risk of connecting a mobile device to a public network?
Only 50 percent of the packets will be encrypted.
What is NOT a risk when a home wireless router is not securely configured?
Virtual servers are less expensive than their physical counterparts
What is NOT a security concern of virtualized environments?
Last known good configuration
What is NOT a security feature for locating a lost or stolen mobile device?
SmallSD
What is NOT a size of SD cards?
Data In-Process
What is NOT a state of data that DLP examines?
Purposes
What is NOT a successive layer in which information security is achieved?
Making all configuration changes remotely
What is NOT a technique for securing a router?
Low-Capacity
What is NOT a type of SD card?
WNIC Probe
What is NOT a type of wireless AP probe?
Transport itself through the network to another device
What is NOT an action that a virus can take?
Resource Control
What is NOT an activity phase control?
Cost increases
What is NOT an advantage of BYOD for an organization?
The risk of overloading a desktop client is reduced.
What is NOT an advantage of a load balancer?
Users can disable or circumvent updates just as they can if their computer is configured to use the vendor's online update service.
What is NOT an advantage to an automated patch update service?
ARP address impersonation
What is NOT an attack against a switch?
Successful logins
What is NOT an entry in a firewall log that should be investigated?
Barricade
What is NOT designed to prevent individuals from entering sensitive areas but instead is intended to direct traffic flow?
Determining user need (analyzing)
What is NOT part of the makeup of the AAA elements in network security?
Common Access Card (CAC)
What is a U.S. Department of Defense (DoD) smart card that is used for identification of active-duty and reserve military personnel?
Guideline
What is a collection of suggestions that should be implemented?
Third-party cookie
What is a cookie that was not created by the website being viewed called?
Vulnerability appraisal
What is a current snapshot of the security of an organization?
OpenID
What is a decentralized open-source FIM that does not require specific software to be installed on the desktop?
Cost
What is a disadvantage of biometric readers?
Spyware
What is a general term used for describing software that gathers information without the user's consent?
An attack that slightly alters dictionary words
What is a hybrid attack?
Whitelist
What is a list of approved email senders?
Threat Agent
What is a person or element that has the power to carry out a threat?
A random string assigned by a web server
What is a session token?
Multifactor Authentication System
What is a token system that requires the user to enter the code along with a PIN called?
MAC addresses are initially exchanged between wireless devices and the AP in an unencrypted format
What is a vulnerability of MAC address filtering?
Intimidation
What is an attempt to influence a user by coercion?
Level 0+1
What is an example of a nested RAID?
To spy on citizens
What is an objective of state-sponsored attackers?
Flash cookie
What is another name for a locally shared object?
SSL v2.0
What is considered the weakest cryptographic transport protocol?
Plaintext
What is data called that is to be encrypted by inputting it into a cryptographic algorithm?
Typo Squatting
What is it called when a user makes a typing error when entering a URL that takes him to an imposter website?
Content-length
What is not an HTTP header attack?
Android apps can be sideloaded
What is one reason Android devices are considered to be at a higher security risk than iOS devices?
A framework for transporting authentication protocols
What is the Extensible Authentication Protocol (EAP)?
To inject SQL statements through unfiltered user input
What is the basis of a SQL injection attack?
TACACS+
What is the current version of TACACS?
The aim of a hacktivist is not to incite panic like cyberterrorists
What is the difference between a hacktivist and a cyberterrorist?
A NIPS can take action more quickly to combat an attack.
What is the difference between a network intrusion detection system (NIDS) and a network intrusion prevention system (NIPS)?
Develop a security policy.
What is the first step in securing an operating system?
Reconnaissance
What is the first step in the Cyber Kill Chain?
SHA-3
What is the latest version of the Secure Hash Algorithm?
Discretionary Access Control (DAC)
What is the least restrictive access control model?
Recovery Point Objective (RPO)
What is the maximum length of time that an organization can tolerate between data backups?
Custodian
What is the name given to the individual who periodically reviews security settings and maintains records of access by users?
Its usage creates a detectable pattern
What is the primary weakness of Wired Equivalent Privacy (WEP)?
A virus can be transmitted.
What is the security risk of a P2P network?
Bot Herder
What is the term used for an attacker who controls multiple zombies in a botnet?
BlueSnarfing
What is the unauthorized access of information from a wireless device through a Bluetooth connection called?
LDAP
What is the version of the X.500 standard that runs on a personal computer over TCP/IP?
XSS does not attack the web application server to steal or corrupt its information
What is unique about a cross-site scripting (XSS) attack compared to other injection attacks?
Spim
What is unsolicited instant messaging called?
Books
What items retrieved through dumpster diving would NOT provide useful information?
Transitive
What kind of attack is performed by an attacker who takes advantage of the inadvertent and unauthorized access built through succeeding systems that all trust one another?
The necessary steps to protect a person or property from harm
What phrase describes the term "security" in a general sense?
Lock Screen
What prevents a mobile device from being used until the user enters the correct passcode?
Integrity
What protection is provided by hashing?
Reformat the hard drive and reinstall the operating system.
What should you do to completely remove a rootkit from a computer?
It prevents DoS or DDoS attacks
What statement about a flood guard is true?
It monitors and controls two interlocking doors to a room.
What statement about a mantrap is true?
It can only protect data while it is on the user's personal computer
What statement about data loss prevention (DLP) is NOT true?
It is designed for use on a large scale.
What statement is NOT true regarding hierarchical trust models?
Traditional network security devices ignore the content of HTTP traffic, which is the vehicle of web application attacks.
What statement is correct regarding why traditional network security devices cannot be used to block web application attacks?
The Windows virtual machine needs its own security
What statement is true regarding security for a computer that boots to Apple Mac OS X and then runs a Windows virtual machine?
Software keyloggers are easy to detect
What statement regarding a keylogger is NOT true?
Black Hat Hackers
What term was used to describe attackers who would break into a computer system without the owner's permission and publicly disclose the vulnerability?
Man-in-the-Middle
What type of attack intercepts legitimate communication and forges a fictitious response to the sender?
Directory Traversal
What type of attack involves an attacker accessing files in directories other than the root directory?
Public Cloud
What type of cloud is offered to all users?
Laptop
What type of computer most closely resembles a desktop computer?
Administrative Controls
What type of controls are the processes for developing and ensuring that policies and procedures are carried out?
SNMPv3
What version of Simple Network Management Protocol (SNMP) is considered the most secure?
Date
What would NOT be a filtering mechanism found in a firewall rule?
Router Delay
What would NOT be a valid Internet Control Message Protocol (ICMP) error message?
To secure the crime scene
When an unauthorized event occurs, what is the first duty of the computer forensics response team?
In digests
Where can keys NOT be stored?
On the Internet
Where does a web-based computer store user files?
With the SMTP server
Where is the preferred location for installation of a spam filter?
DNS poisoning
Which Domain Name System (DNS) attack substitutes a fraudulent IP address for a symbolic name?
FC hard zone
Which Fibre Channel zone is the most restrictive?
802.11ac
Which IEEE WLAN has the highest data rate?
Group Policy
Which Microsoft Windows feature provides centralized management and configuration of computers and remote users who are using Active Directory?
PIN method
Which Wi-Fi Protected Setup (WPS) method is vulnerable?
LM (LAN Manager) hash
Which algorithm is the weakest for creating password digests?
RSA
Which asymmetric cryptography algorithm is the most secure?
RSA
Which asymmetric encryption algorithm uses prime numbers?
Pre-image Attack
Which attack is an attempt to compare a known digest to an unknown digest?
What you do
Which authentication factor is based on a unique talent that a user possesses?
Kerberos
Which authentication protocol is available as a free download that runs on Microsoft Windows, Apple Mac OS X, and Linux?
Hub
Which device is easiest for an attacker to take advantage of in order to capture and analyze packets?
OTP
Which encryption method cannot be broken mathematically?
iSCSI
Which high-speed storage network protocol used by a SAN is IP-based?
Weight
Which human characteristic is NOT used for biometric identification?
Diffie-Hellman (DH)
Which key exchange uses the same keys each time?
Level 1
Which level of RAID uses disk mirroring and is considered fault-tolerant?
Ransomware
Which malware locks up a user's computer and then displays a message that purports to come from a law enforcement agency?
XML
Which markup language is designed to carry data?
Subnotebook
Which mobile device is the smallest?
Moisture
Which of the following is NOT a motion detection method?
Push Flood
Which of these is NOT a DoS attack?
It is a private document used only by top-level administrators for planning.
Which of these is NOT a characteristic of a disaster recovery plan (DRP)?
Busy
Which of these is NOT a state of a port that can be returned by a port scanner?
Authorization
Which of these is NOT part of the certificate life cycle?
A spark to start the process
Which of these is NOT required for a fire to occur?
Access Control List (ACL)
Which of these is a set of permissions that is attached to an object?
SFTP
Which of these is the most secure protocol for transferring files?
Advanced Encryption Standard
Which of these is the strongest symmetric cryptography algorithm?
HOTP
Which one-time password is event-driven?
Representative from a hardware vendor
Which person should NOT serve on a security policy development team?
Acceptable Use Policy
Which policy defines the actions users may perform while accessing systems and networking equipment?
How long will it take to finish the backup?
Which question is NOT a basic question to be asked regarding creating a data backup?
Do not use alphabetic characters.
Which recommendation would NOT be found in a password management and complexity policy?
Operational
Which risk category addresses events that impact the daily business of the organization?
Filter packets based on protocol settings
Which secure feature does a load balancer NOT provide?
OAuth
Which single sign-on (SSO) technology depends on tokens?
It dynamically assigns roles to subjects based on rules.
Which statement about Rule Based Access Control is true?
It removes private addresses when the packet leaves the network.
Which statement about network address translation (NAT) is true?
It attempts to standardize vulnerability assessments.
Which statement about the Open Vulnerability and Assessment Language (OVAL) is true?
It uses automated software to scan for vulnerabilities.
Which statement about vulnerability scanning is true?
Policies communicate a unanimous agreement of judgment.
Which statement does NOT describe a characteristic of a policy?
Only access a social networking site on personal time.
Which statement is NOT a general security recommendation when using social networking sites?
Require all users to approve the policy before it is implemented.
Which statement is NOT a guideline for developing a security policy?
State reasons why the policy is necessary.
Which statement is NOT something that a security policy must do?
It uses FIN messages that can pass through firewalls and avoid detection.
Which statement regarding TCP SYN port scanning is NOT true?
It contains servers that are used only by internal network users.
Which statement regarding a demilitarized zone (DMZ) is NOT true?
It cannot be part of a honeynet.
Which statement regarding a honeypot is NOT true?
Vulnerability appraisal is always the easiest and quickest step.
Which statement regarding vulnerability appraisal is NOT true?
Physical keyboard
Which technology is NOT a characteristic of a mobile device?
Wireless Probe
Which technology is NOT found in a wireless broadband router?
Near Field Communication (NFC)
Which technology is predominately used for contactless payment systems?
PEAP
Which technology should be used instead of LEAP?
HTTP Header
Which type of attack modifies the fields that contain the different characteristics of the data that is being transmitted?
Firewall Log
Which type of device log contains the most beneficial security data?
Access Log
Which type of log can provide details regarding requests for specific files on a system?
Hot Site
Which type of site is essentially a duplicate of the production site and has all the equipment needed for an organization to continue running?
Individuals on a decision-making level
Who should be involved in a tabletop exercise?
The vulnerability was previously unknown and is unlikely to be patched quickly
Why can brokers command such a high price for what they sell?
They can cause significant disruption by destroying only a few targets
Why do cyberterrorists target power plants, air traffic control centers, and water systems?
It allows an attacker to bypass many of the network security configurations.
Why is a rogue AP a security vulnerability?
It prevents a broadcast storm that can cripple a network
Why is loop protection necessary?
It could result in denial of service (DoS) attacks.
Why should the account lockout threshold not be set too low?
RADIUS
With the development of IEEE 802.1x port security, the _____ authentication server has seen even greater usage.
Session keys
_____ are symmetric keys to encrypt and decrypt information exchanged during the session and to verify its integrity.
Cognitive
_____ biometrics is related to the perception, thought processes, and understanding of the user.
Implicit Deny
_____ in access control means that if a condition is not explicitly met, then access is to be rejected.
Secure Shell (SSH)
_____ is a protocol for securely accessing a remote computer.
Privilege
_____ management covers the procedures of managing object authorizations.
Online Certificate Status Protocol (OCSP)
_____ performs a real-time lookup of a digital certificate's status.
Key Escrow
_____ refers to a situation in which keys are managed by a third party, such as a trusted CA.
Baseline reporting
_______ is a comparison of the present security state of a system to a standard established by the organization.
Due care
_______ is defined as the obligations that are imposed on owners and operators of assets to exercise reasonable care of the assets and take necessary precautions to protect them.
Ethics
________ may be defined as the study of what people understand to be good and right behavior and how people make those judgments.
Whaling
________ sends phishing messages only to wealthy individuals.
Threat modeling
_________ constructs scenarios of the types of threats that assets can face in order to learn who the attackers are, why they attack, and what types of attacks may occur.
Authentication
_________ ensures that individuals are who they claim to be
Tailgating
_________ is following an authorized person through a secure door.
Group Policy
___________ allows for a single configuration to be set and then deployed to many or all users.
Confidentiality
___________ ensures that only authorized parties can view the information
IT contingency planning
___________ is the process of developing an outline of procedures to be followed in the event of a major IT incident or an incident that directly impacts IT.