Question 137 - SK0-005 discussion

Two-person integrity is a security measure that can be implemented to increase security against a potential insider threat on an air-gapped system. An air-gapped system is a system that is isolated from any network connection and can only be accessed physically. An insider threat is a malicious actor who has authorized access to an organization’s system or data and uses it for unauthorized or harmful purposes. Two-person integrity is a system of storage and handling that requires the presence of at least two authorized persons, each capable of detecting incorrect or unauthorized security procedures, for accessing certain sensitive data or material. This way, no single person can compromise the security or integrity of the data or material without being noticed by another person. SSO (Single Sign-On) is a feature that allows users to access multiple applications or systems with one set of credentials, but it does not prevent insider threats. SIEM (Security Information and Event Management) is a tool that collects and analyzes log data from various sources to detect and respond to security incidents, but it does not work on air-gapped systems. A Faraday cage is a structure that blocks electromagnetic signals from entering or leaving, but it does not prevent physical access or insider threats. MFA (Multi-Factor Authentication) is a method that requires users to provide two or more pieces of evidence to verify their identity, such as something they know, something they have, or something they are, but it does not prevent insider threats. Reference:

https://www.howtogeek.com/169080/air-gap-how-to-isolate-a-computer-to-protect-it-fromhackers/ https://www.howtogeek.com/428483/what-is-end-to-end-encryption-and-why-does-itmatter/ https://www.howtogeek.com/202794/what-is-the-difference-between-127.0.0.1-and- 0.0.0.0/ https://www.howtogeek.com/443611/how-to-encrypt-your-macs-system-drive-removabledevices- and-individual-files/