Question 6 of 58

When using Pretty Good Privacy (PGP) to digitally sign a message, the signature is created in a two-step process. First, the message to be signed is submitted to PGP's cryptographic hash algorithm. What is one of the hash algorithms used by PGP for this process?

    Correct Answer: C

    Pretty Good Privacy (PGP) uses cryptographic hash algorithms to create digital signatures, ensuring the authenticity and integrity of a message. Among the hash algorithms utilized by PGP, SHA-1 (Secure Hash Algorithm 1) is one of the commonly used options. SHA-1 generates a unique fixed-size 160-bit hash value from an input message, which forms a critical part of the digital signature process.

Question 7 of 58

You are the security director for an off-shore banking site. From a business perspective, what is a major factor to consider before running your new vulnerability scanner against the company's business systems?

    Correct Answer: A

    From a business perspective, a major factor to consider before running a new vulnerability scanner against the company's business systems is that it may harm otherwise healthy systems. While false positives and false negatives are indeed important considerations, the potential disruption or damage to operational systems can have immediate and significant business impacts. Ensuring that the systems remain operational and unaffected is crucial for maintaining business continuity and customer trust, especially for a critical service like an off-shore banking site.

Question 8 of 58

Which of the following is a benefit to utilizing Cygwin for Windows?

    Correct Answer: B

    Cygwin is a collection of open-source tools that provides a Linux-like environment on Windows. This environment includes a large number of Unix utilities and libraries, as well as a Bash shell, which allows users to leverage powerful scripting languages like Perl, Python, and Ruby on Windows. Therefore, the primary benefit of utilizing Cygwin for Windows is bringing more powerful scripting capabilities to the system.

Question 9 of 58

What technical control provides the most critical layer of defense if an intruder is able to bypass all physical security controls and obtain tapes containing critical data?

    Correct Answer: C

    Encryption is the most critical layer of defense if an intruder bypasses all physical security controls and obtains tapes containing critical data. This is because encryption ensures that the data on the tapes is unreadable to anyone who does not have the correct decryption key, effectively protecting the data even if physical security fails.

Question 10 of 58

Two clients connecting from the same public IP address (for example, behind the same NAT firewall) can connect simultaneously to the same web server on the Internet, provided what condition is TRUE?

    Correct Answer: C

    Two clients connecting from the same public IP address can connect simultaneously to the same web server as long as the client-side source ports are different. This is because the source port, combined with the client's IP address, forms a unique identifier for each connection session. The server uses this identifier to distinguish between the two clients' requests, even though they share the same public IP address.