Quiz 3 CIT 2853
Ricky is viewing security logs to independently assess security controls. Which security review process is Ricky engaging in?
Audit
A report indicating that a system's disk is 80 percent full is a good indication that something is wrong with that system.
False
An SOC 1 report primarily focuses on security.
False
Regarding log monitoring, false negatives are alerts that seem malicious but are not real security events.
False
Anthony is responsible for tuning his organization's intrusion detection system. He notices that the system reports an intrusion alert each time an administrator connects to a server using Secure Shell (SSH). What type of error is occurring?
False positive error
Which activity is an auditor least likely to conduct during the information-gathering phase of an audit?
Report writing
Emily is the information security director for a large company that handles sensitive personal information. She is hiring an auditor to conduct an assessment demonstrating that her firm is satisfying requirements regarding customer private data. What type of assessment should she request?
SOC 3
Biyu is making arrangements to use a third-party service provider for security services. She wants to document a requirement for timely notification of security breaches. What type of agreement is most likely to contain formal requirements of this type?
Service level agreement (SLA)
In security testing, reconnaissance involves reviewing a system to learn as much as possible about the organization, its systems, and its networks.
True
Curtis is conducting an audit of an identity management system. Which question is NOT likely to be in the scope of his audit?
Does the firewall properly block unsolicited network connection attempts?
What type of security monitoring tool would be most likely to identify an unauthorized change to a computer system?
System integrity monitoring
Anomaly-based intrusion detection systems compare current activity with stored profiles of normal (expected) activity.
True
Jacob is conducting an audit of the security controls at an organization as an independent reviewer. Which question would not be part of his audit?
Is the security control likely to become obsolete in the near future?
Gina is preparing to monitor network activity using packet sniffing. Which technology is most likely to interfere with this effort if used on the network?
Secure Sockets Layer (SSL)