NT2580 Chapter 7
An audit examines whether security controls are appropriate, installed correctly, and ________.
Addressing their purpose
Post-audit activities include which of the following?
All of the Above
Which of the following is an example of a level of permissiveness?
All of the Above
A ________ is a standard used to measure how effective your system is as it relates to industry expectations.
Benchmark
Host isolation is the isolation of internal networks and the establishment of a(n) ________.
DMZ
A hardened configuration is a system that has had unnecessary services enabled.
False
________ is used when it's not as critical to detect and respond to incidents immediately.
Non-real-time monitoring
The review of the system to learn as much as possible about the organization, its systems, and networks is known as ________.
Reconnaissance
A common platform for capturing and analyzing log entries is ________.
Security Information and Event Management (SIEM)
In ________ methods, the IDS compares current traffic with activity patterns consistent with those of a known network intrusion via pattern matching and stateful matching.
Signature-based
Some of the tools and techniques used in security monitoring include baselines, alarms, closed-circuit TV, and honeypots.
True
When you use a control that costs more than the risk involved, you're making a poor management decision.
True
