Ch. 7 CIS

Ricky is reviewing security logs to independently assess security controls. Which security review process is Ricky engaging in?

Audit

Fran is conducting a security test of a new application. She does not have any access to the source code or other details of the application she is testing. What type of test is Fran conducting?

Black-box test

Which audit data collection method helps ensure that the information-gathering process covers all relevant areas?

Checklist

An SOC 1 report primarily focuses on security and privacy controls. (T/F)

False

The four main types of logs that you need to keep to support security auditing include event, access, user, and security. (T/F)

False

Anthony is responsible for tuning his organization's intrusion detection system. He notices that the system reports an intrusion alert each time that an administrator connects to a server using Secure Shell (SSH). What type of error is occurring?

False positive error

Which security testing activity uses tools that scan for services running on systems?

Network Mapping

Emily is the information security director for a large company that handles sensitive personal information. She is hiring an auditor to conduct an assessment demonstrating that her firm is satisfying requirements regarding customer private data. What type of assessment should she request?

SOC 3

Which intrusion detection system strategy relies upon pattern matching?

Signature Detection

What type of security monitoring tool would be most likely to identify an unauthorized change to a computer system?

System integrity monitoring