Home > Quiz: Storage security
Security Quiz:
EMAIL THIS LICENSING & REPRINTS

Quiz: Storage security

15 Dec 2005 | SearchSecurity.com

Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   

Regulations like SOX and the recently approved Personal Data Privacy and Security Act are bringing the importance of data protection to light. Loss of data -- be it inadvertent or surreptitious -- can result in fines, loss of revenue and loss of customer confidence. Take our quiz to see how much you know about securing data storage.

Backup

Related Information

Learn more about storage vulnerabilities in this tip.

Read about the five As of functional SAN security.

Learn about SAN approaches to LUN security.

1.) Which of the following is not a potential problem associated with encrypting data when it's backed up?
a. Slow down in backup and recoveries
b. Loss of compression
c. Rogue admins can read old backups
d. Can't encrypt data when transmitted
Answer

2.) Which type of backup is the safer of the two?
a. Cold backup
b. Hot backup
Answer

3.) True or false: It is possible to encrypt all backups?
Answer

4.) California SB-1386 requires companies to...
a. Alert customers when a third-party has requested access to their data.
b. Notify customers in writing after a data breach.
c. Encrypt backed up data with 128-bit encryption.
d. Appoint a data steward to secure customer information.
Answer

5.) What type of backup encryption has the highest upfront cost?
a. Backup software encryption
b. In-line hardware encryption
c. Source encryption
d. Initial costs are roughly equivalent.
Answer

Disaster recovery/Business continuity

6.) What is the first step in business continuity planning?
a. Put in place failover mechanisms
b. Apportion available budget
c. Identify essential functions
d. None of the above
Answer

7.) Which of the following precautions help limit downtime?
a. Constant monitoring
b. Regular testing of recovery procedure
c. Thorough documentation of system configurations, patches, etc.
d. All of the above
Answer

8.) Which of the following plans specifies a means of maintaining essential services at a crisis location?
a. Contingency plan
b. Business recovery plan
c. Business resumption plan
d. Disaster recovery plan
Answer

9.) Which of the following, as part of a business continuity plan, is applied to mission-critical systems that must be constantly available?
a. Backups
b. Failover
c. Auto-provisioning
d. Encryption
Answer

10.) What do incident response and business continuity plans have in common?
a. They both seek to reduce recovery time and costs.
b. They both define in specific terms what constitutes an incident.
c. They are only practical for larger enterprises.
d. The first step of both is to identify essential functions of the organization.
Answer


How'd you do?
9-10: You're storage security savvy
6-8: You're skilled in storage security
3-5: You're a storage security simpleton
0-2: You're a storage security slacker


Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   


RELATED CONTENT
Disk Encryption and File Encryption
Should whole disk encryption products be used with data backup software?
Does FTPS encrypt data packets at the hardware or software level?
Should disks be encrypted at the hardware level?
Is Triple DES a more secure encryption scheme than DUKPT?
BitLocker: Windows data protection with whole-disk encryption?
NAC, disk encryption gaining attention, survey shows
Symantec fills gap with whole disk storage encryption
Are encrypted Microsoft Word files less safe in Internet transit than PDF files?
Hardware-based encryption gains most innovation of '07
Should computer exams be transmitted as PDF files or Word files?

Data Backup
Should whole disk encryption products be used with data backup software?
Will one failed drive corrupt the rest of a RAID-5 array?
The Craft of System Security
Can confidential data be accessed once it is deleted for free space?
Examining DoD-level secure erasure guidelines
What is the relationship between open port range and overall security risk?
Compliance, data breaches heighten database security needs
Are encryption products better than self-destructing data?
What is a logic bomb?
What should be done with a RAID-5 array's failed drives?

Enterprise Data Protection
Are open recursive DNS servers inherently insecure?
Penetration testing: Helping your compliance efforts
Worst practices: Learning from bad security tips
The ins and outs of database encryption
RSA attendees see data classification, rights management projects stumble
Worst practices: Encryption conniptions
Does FTPS encrypt data packets at the hardware or software level?
Should disks be encrypted at the hardware level?
Is Triple DES a more secure encryption scheme than DUKPT?
Will a platform-as-a-service (PaaS) environment put data at risk?

RELATED GLOSSARY TERMS
Terms from Whatis.com − the technology online dictionary
Advanced Encryption Standard  (SearchSecurity.com)
data key  (SearchSecurity.com)
Encrypting File System  (SearchSecurity.com)
Escrowed Encryption Standard  (SearchSecurity.com)
International Data Encryption Algorithm  (SearchSecurity.com)
network encryption  (SearchSecurity.com)
output feedback  (SearchSecurity.com)
quantum cryptography  (SearchSecurity.com)
Quiz: Cryptography  (SearchSecurity.com)
Rijndael  (SearchSecurity.com)

RELATED RESOURCES
2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems
Search Bitpipe.com for the latest white papers and business webcasts
Whatis.com, the online computer dictionary


TechTarget Security Media
Information Security View this month\\'s issue and subscribe today.
Information Security Decisions Apply online for free conference admission.
SearchSecurity.com
HomeNewsMagazineWebcastsWhite PapersLearningAdviceTopicsEventsAbout Us

About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
TechTarget provides enterprise IT professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective IT purchase decisions and managing their organizations' IT projects - with its network of technology-specific Web sites, events and magazines.

TechTarget Corporate Web Site  |  Media Kits  |  Reprints  |  Site Map




All Rights Reserved, Copyright 2003 - 2008, TechTarget | Read our Privacy Policy
  TechTarget - The IT Media ROI Experts