WGU- C725|UPDATED&VERIFIED|100% SOLVED|GUARANTEED SUCCESS

SOX (Sarbanes-Oxley Act) Requires corporate executives to review and modernize their company's financial reporting systems. GLBA (Gramm-Leach-Bliley Act) Known as the Financial Modernization Act of 1999. It is a United States federal law that requires financial institutions to explain how they share and protect their customers' private information. To be GLBA compliant, financial institutions must communicate to their customers how they share the customers' sensitive data, inform customers of their right to opt-out if they prefer that their personal data not be shared with third parties. What are the three methods of sanitization? Overwriting Deguassing Destruction Mandatory Access Control (MAC) Uses security labels for access control. Highly restrictive, usually used within government agencies. E.g. TS, SCI, etc. Discretionary Access Control (DAC) A means of restricting access to objects based on the identity of subjects and/or groups to which they belong. What are the problems with passwords? Passwords can be insecure, and easily broken. Dictionary words are not advised. Passwords are inconvenient, and repudiable. RADIUS Remote Access Dial-In User Service; client/server protocol and software that enables remote access users to communicate with a central server to authenticate dial-in users and authorize their access to the requested system or service. Cryptosystem is the hardware or software implementation that transforms plaintext into ciphertext (encrypting it) and back into plaintext (decrypting it). Cryptography the art of protecting information by transforming it into an unreadable format, called cipher text Cryptanalysis The science or art of breaking a cryosystem Cryptology The umbrella study of cryptography and cryptanalysis Cryptographers rely on two basic methods of disguising messages Transposition, in which letters are rearranged into a different order Substitution, in which letters are replaced by other letters and/or symbols. Symmetric Key Encryption Encryption system in which a single key is used for both encryption and decryption. DES. 3DES. AES. Asymmetric Key Encryption Encryption system when a different key is used to encrypt and to decrypt. PGP. Rijndael This is a block cipher adopted as the Advanced Encryption Standard (AES) by the United States government to replace DES. Although Rijndael supports multiple block sizes, as AES, the block size is fixed at 128 bits. DES Symmetric block, 56-bit Triple DES Symmetric cipher that applies DES three times to each block of data during the encryption process. 112 bit. AES advanced encryption standard, a symmetric uses variable length Pretty Good Privacy (PGP) A method of encrypting and decrypting e-mail messages. It can also be used to encrypt a digital signature. Uses RSA. Which ISO/OSI layer defines how to address the physical devices on the network? The data link layer handles the transfer of data across the network media. The data link layer handles the moving of data into and out of a physical link in a network. The data link layer is layer 2 in the Open Systems Interconnection (OSI) architecture model for a set of telecommunication protocols. What two modes can IPSEC run in? Transport mode, in which protection is applied to upper-layer protocols (TCP or UDP) Tunnel mode, in which an entire IP packet is wrapped inside a new IP packet and attached with a new IP header before it's transmitted through the public network