Chapter 12: Review Questions

What penetration testing focuses on the system, using techniques such as port scans, traceroute information, and network mapping to find weaknesses?

Active reconnaissance

What is the reversion from a change that had negative consequences?

Backout

According to CERT, which of the following would be formalized or an ad hoc team you can call upon to respond to an incident after it arises?

CSIRT

Which of the following would normally NOT be part of an incident response policy? Outside agencies (that require status) Outside experts (to resolve the incident) Contingency plans Evidence collection procedures

Contingency would be part of a disaster-recovery plan

What type of vulnerability scans uses actual network authentication connect to systems and scan for vulnerabilities?

Credentialed vulnerability scan

The process of automatically switching from a malfunctioning system to another system?

Failover

Your company is about to invest heavily in a new server farm and have made an attractive offer for a parcel of land in another country. A consultant working on another project hears of this and suggest that you get the offer rescinded because the laws in that country are much more stringent than where you currently operate. What is the concept that data is subject to laws of where it is stored?

Data sovereignty

What backup system backs up all the files that have changes since the last full backup?

Differential backup

What plan or policy can help an organization determine how to relocate an emergency site?

Disaster-recovery plan

What is a concept that works on the assumption that any information created on any system is stored forever?

Full archival

What is a newer backup type that provides continuous online backup by using optical or tape jukeboxes and can be configured to provide the closest version of an available real-time backup?

HSM

What backup system backs up only the files that have changed since the last backup?

Incremental backups

What type of penetration-style testing involves actually trying to break into the network?

Intrusion

What is the process used during data acquisition for the preservation of all forms of relevant information when litigation is reasonably anticipated

Legal hold

Karl is conducting penetration testing on the Pranks Anonymous server and having difficulty finding a weakness. Suddenly he discovers that security on a different company's server - a vendor to Pranks Anonymous- can be breached. Once he has compromised the completely different company's server, he can access the Pranks Anonymous server and then launch an attack. What is this weakness/exploit known as?

Pivot

What type of agreement between two organizations provide mutual use of their sites in the event of an emergency?

Reciprocal agreement

What is another name for working copies?

Shadow copies

What backup method uses a rotating schedule of backup media to ensure long-term information storage?

The Grandfather, Father, Son backup

What site best provides limited capabilities for the restoration of services in a disaster?

Warm site

What type of backup is used for the immediate recovery of a lost file?

Working copies