Humans are said to be the weakest link in any security system. Give an example for each of the following:
What will be an ideal response?
a. A situation in which human failure could lead to a compromise of encrypted data
b. A situation in which human failure could lead to a compromise of identification and authentication
c. A situation in which human failure could lead to a compromise of access control
Example answers: (a) Installing malware on a machine on which the data is decrypted; choosing too weak an encryption method. (b) Choosing weak passwords; choosing weak security questions. (c) Writing software that fails to properly enforce access control.
You might also like to view...
A ________ is a device that converts documents or photos into digital files so they can be saved on your computer
A) scanner B) digital video recorder C) webcam D) microphone
Your organization produces a propriety piece of hardware of which confidentiality of the software code is critical. At the same time, the company is known for producing secure products and protecting reputation is critical. How can the company balance those two objectives while still getting a new product to market before the competition?
A. white box testing performed by a large security consulting firm that signs an NDA B. black box testing performed by a large security consulting firm that signs an NDA C. grey box testing performed by a small security consulting firm that signs an NDA D. black box testing performed by a large small consulting firm that signs an NDA