Chapter 12


All of these

Common vulnerability assessment processes include: (A) Internet VA (B) wireless VA (C) intranet VA (D) All of these

performance

Control __________ baselines are established for network traffic and for firewall performance and IDPS performance. (A) system (B) application (C) performance (D) environment

intelligence

Detailed __________ on the highest risk warnings can include identifying which vendor updates apply to which vulnerabilities as well as which types of defenses have been found to work against the specific vulnerabilities reported. (A) escalation (B) intelligence (C) monitoring (D) elimination

Both of these are approaches that might be chosen

Each organization sets policy to choose one of two approaches when employing digital forensics. Select the statement that best identifies the options. (A) Protect and forget (B) Apprehend and prosecute (C) Neither of these is an approach to be chosen (D) Both of these are approaches that might be chosen

Determine whether to "apprehend and prosecute."

In digital forensics, all investigations follow the same basic methodology once permission for search and seizure has been obtained. Which of the following is NOT one of the elements of that process? (A) Analyze the data without risking modification or unauthorized access. (B) Report the findings to the proper authority. (C) Determine whether to "apprehend and prosecute." (D) Identify relevant EM.

difference analysis

One approach that can improve the situational awareness of the information security function is to use a process known as __________ to quickly identify changes to the internal environment. (A) baselining (B) difference analysis (C) differentials (D) revision

insecure.org

The __________ Web site and list site seclists.org is home to the leading free network exploration tool, Nmap. (A) insecure.org (B) Packet Storm (C) Security Focus (D) Snort-sigs

Packet Storm

The __________ commercial site focuses on current security tool resources. (A) Nmap-hackerz (B) Packet Storm (C) Security Laser (D) Snort-SIGs

CERT/CC

The __________ is a center of Internet security expertise and is located at the Software Engineering Institute, a federally funded research and development center operated by Carnegie Mellon University. (A) US-CERT (B) Bugtraq (C) CM-CERT (D) CERT/CC

scope

The __________ is a statement of the boundaries of the RA. (A) scope (B) disclaimer (C) footer (D) head

Snort

The __________ mailing list includes announcements and discussion of a leading open-source IDPS. (A) Nmap-hackers (B) Packet Storm (C) Security Focus (D) Snort

PSV

The __________ process is designed to find and document vulnerabilities that may be present because there are misconfigured systems in use within the organization. (A) ASP (B) ISP (C) SVP (D) PSV

intranet

The __________ vulnerability assessment is a process designed to find and document selected vulnerabilities that are likely to be present on the organization's internal network. (A) intranet (B) Internet (C) LAN (D) WAN

wireless

The __________ vulnerability assessment is designed to find and document vulnerabilities that may be present in the organization's wireless local area networks. (A) wireless (B) phone-in (C) battle-dialing (D) network

IRP

The optimum approach for escalation is based on a thorough integration of the monitoring process into the __________. (A) IDE (B) CERT (C) ERP (D) IRP

baselines

To evaluate the performance of a security system, administrators must establish system performance __________. (A) baselines (B) profiles (C) maxima (D) means

60

To maintain optimal performance, one typical recommendation suggests that when the memory usage associated with a particular CPU-based system averages __________% or more over prolonged periods, you should consider adding more memory. (A) 40 (B) 60 (C) 10 (D) 100

Program review

______ allows for major security control components to be reviewed on a periodic basis to ensure that they are current, accurate, and appropriate. (A) System review (B) Project review (C) Program review (D) Application review

All of the above

______ are a component of the security triple. (A) Threats (B) Assets (C) Vulnerabilities (D) All of the above

White box

______ penetration testing is usually used when a specific system or network segment is suspect and the organization wants the pen tester to focus on a particular aspect of the target. (A) White box (B) Black box (C) Gray box (D) Green box

Network connectivity RA

_______ is used to respond to network change requests and network architectural design proposals. (A) Network connectivity RA (B) Dialed modem RA (C) Application RA (D) Vulnerability RA

Penetration testing

_______, a level beyond vulnerability testing, is a set of security tests and evaluations that simulate attacks by a malicious external source (hacker). (A) Penetration testing (B) Penetration simulation (C) Attack simulation (D) Attack testing

version

A __________ is the recorded condition of a particular revision of a software or hardware configuration item. (A) state (B) version (C) configuration (D) baseline

Bugtraq

A primary mailing list for new vulnerabilities, called simply __________, provides time-sensitive coverage of emerging vulnerabilities, documenting how they are exploited and reporting on how to remediate them. Individuals can register for the flagship mailing list or any one of the entire family of its mailing lists. (A) Bug (B) Bugfix (C) Buglist (D) Bugtraq

traffic analysis

A process called __________ examines the traffic that flows through a system and its associated devices to identify the most frequently used devices. (A) difference analysis (B) traffic analysis (C) schema analysis (D) data flow assessment

scanning

A step commonly used for Internet vulnerability assessment includes __________, which occurs when the penetration test engine is unleashed at the scheduled time using the planned target list and test selection. (A) scanning (B) subrogation (C) delegation (D) targeting

configuration

A(n) __________ item is a hardware or software item that is to be modified and revised throughout its life cycle. (A) revision (B) update (C) change (D) configuration

