sec160 ch 10 netacad

Lakukan tugas rumah & ujian kamu dengan baik sekarang menggunakan Quizwiz!

Base metric group -this represents the characteristics of a vulnerability that are constant over time and across contexts.

-exploitability: vector, complexity, and user interaction required by the exploit. -impact metrics: the impacts of the exploit are rooted in the CIA triad (confidentiality, integrity, availability).

Which class of metric in the CVSS Base Metric Group defines the features of the exploit such as the vector, complexity, and user interaction required by the exploit?

Exploitability

Which regulatory compliance regulation specifies security standards for U.S. government systems and contractors to the U.S. government?

Federal Information Security Management Act of 2002 (FISMA)

Which three devices are possible examples of network endpoints? (Choose three.)

IoT controller network security camera sensor

Identify Antimalware

Match

Which HIDS is an open-source based product?

OSSEC

Place the steps of risk assessment in order.

Step 1: identify threats and vulnerabilities and the matching of threats with vulnerabilities Step 2: establish a baseline to indicate risk before security controls are implemented Step 3: compare to ongoing risk assessment as means of evaluating risk management effectiveness

nftables

The successor to iptables, nftables is a Linux firewall application that uses a simple virtual machine in the Linux kernel. Code is executed within the virtual machine that inspects network packets and implements decision rules regarding packet acceptance and forwarding.

TCP wrapper

This is a rule-based access control and logging system for Linux. Packet filtering is based on IP addresses and network services.

iptables

This is an application that allows Linux system administrators to configure network access rules that are part of the Linux kernel Netfilter modules.

T/F? ISO 27001 is a global industry-wide ISMS specification

True

T/F? Iptables are Linux host-based firewall.

True

T/F? Cisco WSA provides control over how users access the Internet and it also can enforce acceptable use policies.

True.

behavior-based

antimalware approach that analyzes the activities of known malware examples.

heuristics-based

antimalware approach that recognizes general features that are shared by many types of malware.

signature-based

antimalware approach that recognizes known malware files.

network attack surface

attack surface that exploits weaknesses in the network.

software attack surface

attack surface that exploits weaknesses in the software applications.

human attack surface

attack surface that exploits weaknesses in user behavior.

Fill in the blank. An application _______ can specify which user applications are not permitted to run on a host.

blacklist

Information security Management System (ISMS)

consists of a mgmt framework through which an org identifies, analyzes, and addresses info security risks.

network infrastructure

devices that interconnect endpoints and typically include switches and wireless devices

Which step in the Vulnerability Management Life Cycle performs inventory of all assets across the network and identifies host details, including operating system and open services?

discover

Sarbanes-Oxley Act (SOX)

ensure the integrity of financial practices and reporting.

endpoint

hosts on the network that can access or be accessed by other hosts.

Identify CVSS metrics

match

Identify Device Management Activities

match

Identify Regulatory Standard

match

Identify the Host-based Intrusion Protection Terminology

match

Identify the Parts of ISO 27001 activity cycle

match

Identify the Risk Response

match

Identify the elements of network profiling

match

Identify the stages in the NIST cybersecurity framework

match

As described by the SANS Institute, which attack surface includes the exploitation of vulnerabilities in wired and wireless protocols used by IoT devices?

network attack surface

Network Admission Control (NAC)

permits only authorized and compliant systems to connect to the network.

In network security assessments, which type of test is used to evaluate the risk posed by vulnerabilities to a specific organization including assessment of the likelihood of attacks and the impact of successful exploits on the organization?

risk analysis

Which function does CVSS provide?

risk assessment

In addressing an identified risk, which strategy aims to decrease the risk by taking measures to reduce vulnerability?

risk reduction

In profiling a server, what defines what an application is allowed to do or run on a server?

service accounts

Which antimalware software approach can recognize various characteristics of known malware files to detect a threat?

signature-based

Payment Card Industry Data Security Standard (PCI-DSS)

standard that specifies requirements for the secure handling of customer credit card data.

Health Insurance Portability and Accountability Act (HIPAA)

stipulates controlled access policies and data encryption of patient info.

vulnerability assessment

testing that consists of scanning internal networks and Internet facing servers for various types of vulnerabilities.

risk analysis

the evaluation of risks posed by vulnerabilities to a specific organization.

Environment Metric Group

this measure the aspects of a vulnerability that are rooted in a specific org's environment. These metrics help to guide consequences within an org and also allow adjustment of metrics that are less relevant to what an org does.

Temporal Metric Group

this measure the characteristics of a vulnerability that may change over time, but not across user environments. Over time, the severity of a vulnerability will change as it is detected and measures to counter it are developed.

network profiling

used to provide a baseline of typical network behavior.

penetration testing

uses authorized simulated attacks to test the strength of network security.

In Windows Firewall, when is the Domain profile applied?

when the host is connected to a trusted network such as an internal business network


Set pelajaran terkait

Ch 33 Bio 2 Study Guide/Belmont University

View Set

BUAD309 Ch. 6, chapter 11, Chapter 13, Chapter 18, HRM 360 ch.5, Buad309 Chapter 7 Exam Questions

View Set