Cisp 428 Final
Why do we need digital certificate? What are personal digital certificates, server digital certificates, and software publisher certificates?
Digital certificate is used to prove a document originated from a valid sender. Personal digital certificates are issued directly to individuals frequently used to secure e-mail transmissions. Server digital certificates are issued from a web server to a client, ensuring authenticity of the Web server and cryptographic connection to the Web server. Software publisher certificates are provided by software publishers, verifying programs are secure and have not been tampered with.
a system of hard drives based on redundancy can be achieved through using a technology known as ____, which uses multiple hard disk drives for increased reliability and performance
RAID
TLS is an extension of
SSL
is a protocol developed by Netscape for securely transmitting documents over the Internet
SSL
Policy that defines actions users may perform while accessing systems
acceptable use policy
instead of having a single disk controller card that is attached to all hard drives, disk ____ has separate cards for each disk
dupleing
can be defined as the study of what a group of people understand to be good and right behavior and how people can make those judgments
ethics
cryptography cannot protect data as it is being transported across a network
false
is the application of science to questions that are of interest to the legal profession
forensics
a ___ site is generally run by a commercial disaster recovery service that allows a business to continue computer and network operations to maintain business continuity
hot
Measures average time until a component fails and must be replaced
mean time between failures
Measures average time needed to reestablish services
mean time to restore
disk ___ involves connecting multiple drives in the server to the same disk controller card
mirroring
an ___ UPS is always running off its battery while the main power runs the battery charger
on-line
many organizations have a ___ policy that outlines how the organization uses personal information it collects
personally identifiable information
one of the most common forms of social engineering is ___, or sending an e-mail or displaying a Web announcement that falsely claims to be from a legitimate enterprise in an attempt to trick the user into surrendering private information
phishing
involves public-key cryptography standards, trust models, and key management
public key infrastructure
the ____ function is a subordinate entity designed to handle specific CA task such as processing certificate requests and authenticating users
registration authority
at the ___ stage of the certificate life cycle, the certificate is no longer valid
revocation
at its core a ____ policy is a document that outlines the protections that should be enacted to ensure that the organization's assets face minimal risks
security
certificates enable clients connecting to the Web server to examine the identity of the server's owner
server digital
Web sites that facilitate social networking. Increasingly become prime targets for attacks
social networking site
a collection of requirements specific to the system or procedure that must be met by everyone
standard
in a ____ server cluster, every server in the cluster performs useful work. if one server fails, the remaining servers continue to perform their normal work as well as that of the failed server
symmetric
digital certificates can be used for each of the following except
to verify the authenticity of the registration authorizer
a security policy attempts to provide the right amount of trust by balancing no trust and too much trust
true
acceptable use policies are generally considered to be the most important information security policies
true
digital signatures can provide authentication and integrity
true
are a person's fundamental beliefs and principles used to define what is good, right and just
values
Standard for most widely accepted format for digital certificates
x.509
Set of protocols developed to support secure exchange of packets
IP sec
provides third party verification of public key owner's identity
digital certificate
What is business continuity? What is the business impact analysis (BIA)? Please briefly discuss those terms.
Business continuity is an organization's ability to maintain operations after a disruptive event. Business impact analysis analyzes most important business functions and quantifies impact of their loss, identifies threats through risk assessment and determines impact if threats are realized
serves as the trusted third-party agency that is responsible for issuing the digital certificates
CA
backup software can internally designate which files have already been backed up by setting ___ in the properties of the file
archive bit
determines the items that have a positive economic value and may include data, hardware, personnel, physical assets and software
asset identification
in a _____ server cluster, a standby server exists only to take over for another server in the event its failure
asymmetric
is an organization's ability to maintain its operations after a disruptive event
business continuity
refers to a methodology for making changes and keeping track of those changes, often manually
change of management
a ___ site provides office space but the customer must provide and install all the equipment needed to continue operations
cold