Cnit 270 Exam With 100% Correct Answers 2024

Confidentiality {Ans: the act of holding information in confidence, not to be released to unauthorized individuals}Insider Attack {Ans: can be malicious or nonmalicious. Malicious insiders act intentionally. Non malicious acts typically result from carelessness, lack of knowledge, or intentional circumvention of controls to complete a work task.}Data Link Layer {Ans: An OSI layer responsible for physical addressing}Routing {Ans: Misconfigured routers can poison the data of many other nodes}UDP (User Datagram Protocol) {Ans: • Unreliable, connectionless service • No acknowledgment of receipt by receiving node • Example: streaming video}PASSWORD STORAGE {Ans: -cryptographically strong hash algorithm. -Salt -Stretched salted password}Shoulder surfing {Ans: Information entered is observed by another person}Transport Layer {Ans: End-to-end connections and reliability}Two-key triple DES {Ans: Encrypt with first key, then encrypt(or decrypt) result with second key, then encrypt result with the first key(Two 56-bit keys)}Mandatory Vacation {Ans: For sensitive positions, individuals are mandated to take vacation and security audits are conducted while they are away.}New NIST Guidelines for Passwords - Should NOT Do's {Ans: -Should not have composition rules -No password hints -No Knowledge-Based Authentication -No more expiration without reason -No SMS in two-factor authentication}Whaling {Ans: -