Quiz 6 Coms System Security

Ricky is reviewing security logs to independently assess security controls. Which security review process is Ricky engaging in?

Audit

Which audit data collection method helps ensure that the information-gathering process covers all relevant areas?

Checklist

Anthony is responsible for tuning his organization's intrusion detection system. He notices that the system reports an intrusion alert each time that an administrator connects to a server using Secure Shell (SSH). What type of error is occurring?

False positive error

Jacob is conducting an audit of the security controls at an organization as an independent reviewer. Which question would NOT be part of his audit?

Is the security control likely to become obsolete in the near future?

Which security testing activity uses tools that scan for services running on systems?

Network mapping

Which regulatory standard would NOT require audits of companies in the United States?

Personal Information Protection and Electronic Documents Act (PIPEDA)

Gina is preparing to monitor network activity using packet sniffing. Which technology is most likely to interfere with this effort if used on the network?

Secure Sockets Layer (SSL)

What type of security monitoring tool would be most likely to identify an unauthorized change to a computer system?

System integrity monitoring

An auditing benchmark is the standard by which a system is compared to determine whether it is securely configured.

True

In security testing, reconnaissance involves reviewing a system to learn as much as possible about the organization, its systems, and its networks.

True