Cybersecurity Ch. 11

To evaluate the performance of a security system, administrators must establish system performance __________. A. baselines B. profiles C. maxima D. means

Baselines

A primary mailing list for new vulnerabilities, called simply __________, provides time-sensitive coverage of emerging vulnerabilities, documenting how they are exploited and reporting on how to remediate them. Individuals can register for the flagship mailing list or any one of the entire family of its mailing lists. A. Bugs B. Bugfix C. Buglist D. Bugtraq

Bugtraq

The __________ is a center of Internet security expertise and is located at the Software Engineering Institute, a federally funded research and development center operated by Carnegie Mellon University. A. US-CERT B. Bugtraq C. CM-CERT D. CERT/CC

CERT/CC

A(n) __________ item is a hardware or software item that is to be modified and revised throughout its life cycle. A. revision B. update C. change D. configuration

Configuration

One approach that can improve the situational awareness of the information security function is to use a process known as __________ to quickly identify changes to the internal environment. A. baselining B. difference analysis C. differentials D. revision

Difference analysis

The optimum approach for escalation is based on a thorough integration of the monitoring process into the __________. A. IDE B. CERT C. ERP C. IRP

IRP

Detailed __________ on the highest risk warnings can include identifying which vendor updates apply to which vulnerabilities as well as which types of defenses have been found to work against the specific vulnerabilities reported. A. escalation B. intelligence C. monitoring D. elimination

Intelligence

The __________ vulnerability assessment is a process designed to find and document selected vulnerabilities that are likely to be present on the organization's internal network. A. intranet B. Internet C. LAN D. WAN

Intranet

__________ is used to respond to network change requests and network architectural design proposals. A. Network connectivity RA B. Dialed modem RA C. Application RA D. Vulnerability RA

Network connectivity RA

The __________ process is designed to find and document vulnerabilities that may be present because there are misconfigured systems in use within the organization. A. ASP B. ISP C. SVP D. PSV

PSV

The __________ commercial site focuses on current security tool resources. A. Nmap-hackerz B. Packet Storm C. Security Laser D. Snort-SIGs

Packet Storm

__________, a level beyond vulnerability testing, is a set of security tests and evaluations that simulate attacks by a malicious external source (hacker). A. Penetration testing B. Penetration simulation C. Attack simulation D. Attack testing

Penetration testing

Control __________ baselines are established for network traffic and for firewall performance and IDPS performance. A. system B. application C. performance D. environment

Performance

A step commonly used for Internet vulnerability assessment includes __________, which occurs when the penetration test engine is unleashed at the scheduled time using the planned target list and test selection. A. scanning B. subrogation C. delegation D. targeting

Scanning

The __________ is a statement of the boundaries of the RA. A. scope B. disclaimer C. footer D. head

Scope

The __________ mailing list includes announcements and discussion of a leading open-source IDPS. A. Nmap-hackers B. Packet Storm C. Security Focus D. Snort

Snort

A process called __________ examines the traffic that flows through a system and its associated devices to identify the most frequently used devices. A. difference analysis B. traffic analysis C. schema analysis D. data flow assessment

Traffic analysis

A __________ is the recorded condition of a particular revision of a software or hardware configuration item. A. state B. version C. configuration D. baseline

Version

__________ penetration testing is usually used when a specific system or network segment is suspect and the organization wants the pen tester to focus on a particular aspect of the target. A. White box B. Black box C. Gray box D. Green box

White box

The __________ vulnerability assessment is designed to find and document vulnerabilities that may be present in the organization's wireless local area networks. A. wireless B. phone-in C. battle-dialing D. network

Wireless

The __________ Web site is home to the leading free network exploration tool, Nmap. A. insecure.org B. Packet Storm C. Security Focus D. Snort-sigs

insecure.org

To maintain optimal performance, one typical recommendation suggests that when the memory usage associated with a particular CPU-based system averages __________% or more over prolonged periods, you should consider adding more memory. A. 40 B. 60 C. 10 D. 100

60

__________ are a component of the "security triple." A. Threats B. Assets C. Vulnerabilities D. All of the above

All of the above

Common vulnerability assessment processes include: A. Internet VA B. wireless VA C. intranet VA D. all of these

All of these