Module 4


Emergency operations group

A group that is responsible for protecting sensitive data in the event of a natural disaster or equipment failure, among other potential emergencies.

Agile development

A method of developing software that is based on small project iterations, or sprints, instead of long project schedules.

Compliance liaison

A person whose responsibility it is to ensure that employees are aware of and comply with an organization's security policies.

Proactive change management

the act of initiating changes to avoid expected problems

Certification

the technical evaluation of a system to provide assurance that you have implemented it correctly.

Covert act

An act carried out in secrecy.

Service level agreement (SLA)

Biyu is making arrangements to use a third-party service provider for security services. She wants to document a requirement for timely notification of security breaches. What type of agreement is most likely to contain formal requirements of this type?

Prudent

Christopher is designing a security policy for his organization. He would like to use an approach that allows a reasonable list of activities but does not allow other activities. Which permission level is he planning to use?

SQL injection

In what type of attack does the attacker send unauthorized commands directly to a database?

False negative

Incorrectly identifying abnormal activity as normal.

Offboarding

Process of managing the way employees leave the organization.

Phishing

Roger's organization received a mass email message that attempted to trick users into revealing their passwords by pretending to be a help desk representative. What category of social engineering is this an example of?

White-box testing

Security testing that is based on knowledge of the application's design and source code.

Overt act

an act that is open to view

Interconnection security agreement (ISA)

an interoperability agreement, often an extension of an MOU, that documents the technical and security requirements for connecting the parties' systems to each other

Clipping level

A value used in security monitoring that tells the security operations personnel to ignore activity that falls below a stated value

Does the firewall properly block unsolicited network connection attempts?

Curtis is conducting an audit of an identity management system. Which question is NOT likely to be in the scope of his audit?

Authorizing official (AO)

A designated senior manager who reviews a certification report and makes the decision to approve the system for implementation

SQL injection

A form of web application attack in which a hacker submits SQL (structured query language) expressions to cause authentication bypass, extraction of data, planting of information, or access to a command shell.
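The two SQL injection cards above describe the attack in words. The following is an added example (not from the study set or its textbook) that shows the authentication-bypass case against a constructed SQLite table, beside the parameterized query that defeats it. The table, user names and passwords are made up for the demonstration.

```python
import sqlite3


def make_db() -> sqlite3.Connection:
    """Constructed in-memory user table for the demonstration (not real data)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?)",
        [("alice", "correct horse"), ("bob", "hunter2")],
    )
    return conn


def login_vulnerable(conn: sqlite3.Connection, username: str, password: str) -> bool:
    """Builds the statement by string concatenation, so user input is parsed as SQL.
    This is the deliberately vulnerable form."""
    sql = (
        "SELECT COUNT(*) FROM users WHERE username = '" + username
        + "' AND password = '" + password + "'"
    )
    return conn.execute(sql).fetchone()[0] > 0


def login_safe(conn: sqlite3.Connection, username: str, password: str) -> bool:
    """Parameterized statement: the driver binds the input as data, never as SQL."""
    sql = "SELECT COUNT(*) FROM users WHERE username = ? AND password = ?"
    return conn.execute(sql, (username, password)).fetchone()[0] > 0


def demo() -> dict:
    """Run the same three logins through both functions and report the outcome."""
    conn = make_db()
    # Tautology in the password field: ... AND password = '' OR '1'='1'
    tautology = "' OR '1'='1"
    # Comment in the username field: ... username = 'alice' --' AND password = ...
    comment = "alice' --"
    return {
        "vuln_valid": login_vulnerable(conn, "alice", "correct horse"),
        "vuln_tautology": login_vulnerable(conn, "nobody", tautology),
        "vuln_comment": login_vulnerable(conn, comment, "wrong"),
        "safe_valid": login_safe(conn, "alice", "correct horse"),
        "safe_tautology": login_safe(conn, "nobody", tautology),
        "safe_comment": login_safe(conn, comment, "wrong"),
    }


if __name__ == "__main__":
    for name, outcome in demo().items():
        print(f"{name}: {'logged in' if outcome else 'rejected'}")
```

The tautology works because AND binds tighter than OR, so the WHERE clause becomes (username = 'nobody' AND password = '') OR '1'='1', which is true for every row. The parameterized version sends the same strings as bound values, so they can only ever be compared against the stored columns.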

Change control committee

A group that oversees all proposed changes to systems and networks.

System life cycle (SLC)

A method used in systems engineering to describe the phases of a system's existence, including design, development, deployment, operation, and disposal

Vulnerability testing

A process of finding the weaknesses in a system and determining which places may be attack points.

Operating system fingerprinting

A reconnaissance technique in which an attacker probes a host's open ports and examines how its TCP/IP stack and services respond (for example, banner text and quirks in packet headers) to learn which operating system and version it is running

Waterfall model

A software development model that defines how development activities progress from one distinct phase to the next.

Fuzzing

A software testing method that feeds random or deliberately malformed input to a program and watches for crashes, hangs, or other unexpected behavior, to find how it handles data its developers did not anticipate.
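As an added illustration of the fuzzing card (this code is not part of the study set), the block below mutates a known-good input to a small, constructed length-prefixed record parser that contains a deliberate bug: it trusts the length byte without checking that enough bytes were received. The fuzzer treats a clean ValueError as correct input validation and anything else as a crash worth reporting. The record format, the parser, and the mutation strategy are all assumptions made for the example.

```python
import random


def parse_record(data: bytes) -> bytes:
    """Toy parser, constructed for this example: one length byte n, then n payload
    bytes, where the last payload byte is repeated as a trailer check.
    Deliberate bug: n is trusted, so data[n] reads past the end of a short or
    truncated input and raises IndexError instead of a clean ValueError."""
    if not data:
        raise ValueError("empty record")          # expected rejection
    n = data[0]
    payload = data[1:1 + n]
    if data[n] != data[-1]:                       # out of range when n >= len(data)
        raise ValueError("trailer mismatch")      # expected rejection
    return payload


def mutate(rng: random.Random, seed: bytes) -> bytes:
    """Apply one random mutation: overwrite a byte, truncate, or insert a byte."""
    buf = bytearray(seed)
    choice = rng.randrange(3)
    if choice == 0 and buf:
        buf[rng.randrange(len(buf))] = rng.randrange(256)
    elif choice == 1 and len(buf) > 1:
        buf = buf[: rng.randrange(1, len(buf))]
    else:
        buf.insert(rng.randrange(len(buf) + 1), rng.randrange(256))
    return bytes(buf)


def fuzz(target, seed: bytes, iterations: int = 1000, rng_seed: int = 7):
    """Feed mutated inputs to target. Return (input, exception name) for the first
    input that raises something other than ValueError, or None if none is found.
    The fixed rng_seed makes the run reproducible."""
    rng = random.Random(rng_seed)
    for _ in range(iterations):
        case = mutate(rng, seed)
        try:
            target(case)
        except ValueError:
            continue                              # graceful rejection, not a bug
        except Exception as exc:                  # the parser did not expect this
            return case, type(exc).__name__
    return None


if __name__ == "__main__":
    print(fuzz(parse_record, b"\x05hello"))      # e.g. (b'\x05hel', 'IndexError')
```

Real fuzzers (AFL, libFuzzer, boofuzz) add coverage feedback, corpus management and crash triage, but the loop is the same: mutate, run, classify the outcome, keep the inputs that misbehave.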

Internet Architecture Board (IAB)

A committee of the IETF composed of independent researchers and professionals who have a technical interest in the overall well-being of the Internet

Stateful matching

A technique of matching network traffic with rules or signatures based on the appearance of the traffic and its relationship to other packets.

Memorandum of understanding (MOU)

An agreement between two or more parties that expresses areas of common interests that result in shared actions

Blanket purchase agreement (BPA)

An agreement that defines a streamlined method of purchasing supplies or services

Anomaly-based IDS

An intrusion detection system that compares current activity with stored profiles of normal (expected) activity.

Real-time monitoring

Analysis of activity as it is happening.

False positive

Incorrectly identifying normal activity as abnormal.

Sprint

One of the small project iterations used in the "agile" method of developing software, in contrast with the usual long project schedules of other ways of developing software.

Gray-box testing

Security testing that is based on limited knowledge of an application's design.

Configuration control

The process of controlling changes to items that have been baselined.

Onboarding

The process that a company uses to integrate new employees into an organization.

Network mapping

Using tools to determine the layout and services running on an organization's systems and networks.

An organization should share its information.

What is NOT a principle for privacy created by the Organization for Economic Cooperation and Development (OECD)?

Baseline

a benchmark used to make sure that a system provides a minimum level of security across multiple applications and across different products

Service-level agreement

a contractual commitment by a service provider or support organization to its customers or users

Cross-Site request forgery (XSRF)

Similar in delivery to an XSS attack, but here the attacker crafts a link, form, image tag, or script that causes a trusted, already-authenticated user's browser to send forged requests to a web server; the browser attaches the user's session cookie automatically, so the attack exploits the trust a server has in a user's session
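The following added example (not from the study set) models the trust relationship the XSRF card describes and the standard defense: a per-session anti-forgery token that the attacker's page cannot read. The request dictionaries, the session identifier, the transfer handler and the server key are all constructed for the demonstration; a real application would load the key from configuration and the session from its framework.

```python
import hashlib
import hmac
import secrets

# Assumption for the example: a real server keeps this in protected configuration.
SERVER_KEY = b"constructed-server-secret"


def issue_csrf_token(session_id: str) -> str:
    """Bind a random nonce to the session with an HMAC, so a token is only valid
    for the session it was issued to and cannot be forged without SERVER_KEY."""
    nonce = secrets.token_hex(8)
    mac = hmac.new(SERVER_KEY, f"{session_id}:{nonce}".encode(), hashlib.sha256).hexdigest()
    return f"{nonce}.{mac}"


def verify_csrf_token(session_id: str, token: str) -> bool:
    """Recompute the HMAC for this session and compare in constant time."""
    try:
        nonce, mac = token.split(".", 1)
    except ValueError:
        return False
    expected = hmac.new(SERVER_KEY, f"{session_id}:{nonce}".encode(), hashlib.sha256).hexdigest()
    return hmac.compare_digest(mac, expected)


def handle_transfer(request: dict, session_id: str, require_token: bool) -> str:
    """Minimal state-changing handler. 'cookie_session' stands for the cookie the
    browser attaches automatically (the trust XSRF abuses); 'csrf_token' stands
    for the hidden form field only the site's own pages can supply."""
    if request.get("cookie_session") != session_id:
        return "401 not logged in"
    if require_token and not verify_csrf_token(session_id, request.get("csrf_token", "")):
        return "403 csrf check failed"
    return f"200 transferred {request['amount']} to {request['to']}"


def demo() -> dict:
    session = "sess-abc123"
    token = issue_csrf_token(session)
    # Legitimate submission from the site's own form: cookie plus token.
    good = {"cookie_session": session, "csrf_token": token, "amount": 100, "to": "alice"}
    # Forged request triggered from the attacker's page: the browser adds the
    # cookie, but the attacker's page cannot read the victim's token.
    forged = {"cookie_session": session, "amount": 100, "to": "mallory"}
    return {
        "forged_without_token_check": handle_transfer(forged, session, False),
        "forged_with_token_check": handle_transfer(forged, session, True),
        "legit_with_token_check": handle_transfer(good, session, True),
        "token_reused_on_other_session": verify_csrf_token("sess-other", token),
    }


if __name__ == "__main__":
    for name, outcome in demo().items():
        print(f"{name}: {outcome}")
```

Without the token check the forged request succeeds purely on the strength of the cookie, which is the whole point of the attack. SameSite cookie attributes and Origin/Referer checks are complementary defenses, not replacements for the token.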

Accreditation

the formal acceptance by the authorizing official of the risk of implementing the system

Secure Sockets Layer (SSL)

Gina is preparing to monitor network activity using packet sniffing. Which technology is most likely to interfere with this effort if used on the network?

Hardened configuration

The state of a computer or device in which you have turned off or disabled unnecessary services and protected the ones that are still running.

Black-box testing

A method of security testing that isn't based directly on knowledge of a program's architecture.

Clean desk/clear screen policy

A policy stating that users must never leave sensitive information in plain view on an unattended desk or workstation.

Penetration testing

A testing method that tries to exploit a weakness in the system to prove that an attacker could successfully penetrate it.

Zone transfer

A special DNS query (AXFR) that asks a DNS server for the entire contents of a zone; normally reserved for replication between authoritative servers, and a valuable reconnaissance source if the server answers it for anyone.

False positive error

Anthony is responsible for tuning his organization's intrusion detection system. He notices that the system reports an intrusion alert each time that an administrator connects to a server using Secure Shell (SSH). What type of error is occurring?

Mitigation activities

Any activities designed to reduce the severity of a vulnerability or remove it altogether.

True

Classification scope determines what data you should classify; classification process determines how you handle classified data. True/False?

Reactive change management

Enacting changes in response to reported problems.

True

Regarding an intrusion detection system (IDS), stateful matching looks for specific sequences appearing across several packets in a traffic stream rather than just in individual packets. True/False?

Change control

The process of managing changes to computer/device configuration or application software.

Standard

a mandated requirement for a hardware or software solution that is used to deal with security risk throughout the organization

Privacy policy

a policy that specifies how your organization collects, uses, and disposes of information about individuals

Guideline

a recommendation for how to use or how to purchase a product or system.

Procedure

a set of step-by-step instructions

Event logs

a software- or application-generated record that some action has occurred.

Functional policy

a statement of an organization's management direction for security in such specific functional areas as email, remote access, and internet surfing.

Job rotation

a strategy to minimize risk by rotating employees between various systems or duties

Pattern- or signature-based IDS

an intrusion detection system that uses pattern matching and stateful matching to compare current traffic with activity patterns (signatures) of known network intruders
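The stateful-matching and signature-based IDS cards above describe two ways of applying the same signatures. As an added example (not from the study set), the block below runs a tiny signature set over a few constructed packets, first packet by packet and then after reassembling each flow in sequence order. The flows, payloads and signatures are made up; the point is that a signature split across a packet boundary is only visible to the stateful matcher.

```python
from collections import defaultdict

# Constructed signatures: a classic path-traversal target and an SQLi fragment.
SIGNATURES = [b"/etc/passwd", b"UNION SELECT"]

# Constructed packets. Flow A carries "/etc/passwd" split across two packets
# that also arrive out of order; flow B is benign; flow C matches in one packet.
PACKETS = [
    {"flow": "A", "seq": 2, "payload": b"sswd HTTP/1.1\r\n"},
    {"flow": "A", "seq": 1, "payload": b"GET /cgi/view?f=/etc/pa"},
    {"flow": "B", "seq": 1, "payload": b"GET /index.html HTTP/1.1\r\n"},
    {"flow": "C", "seq": 1, "payload": b"q=1 UNION SELECT user,pass FROM t"},
]


def packet_matching(packets):
    """Pattern matching: test each packet's payload on its own.
    Returns (flow, signature) alerts in packet order."""
    alerts = []
    for pkt in packets:
        for sig in SIGNATURES:
            if sig in pkt["payload"]:
                alerts.append((pkt["flow"], sig.decode()))
    return alerts


def stateful_matching(packets):
    """Stateful matching: keep per-flow state, reorder by sequence number,
    reassemble the stream, then test the signatures against the whole stream."""
    streams = defaultdict(list)
    for pkt in packets:
        streams[pkt["flow"]].append((pkt["seq"], pkt["payload"]))
    alerts = []
    for flow, segments in streams.items():
        stream = b"".join(payload for _, payload in sorted(segments))
        for sig in SIGNATURES:
            if sig in stream:
                alerts.append((flow, sig.decode()))
    return alerts


if __name__ == "__main__":
    print("per-packet:", packet_matching(PACKETS))
    print("stateful:  ", stateful_matching(PACKETS))
```

Real IDS engines (Snort, Suricata) do the reassembly in their TCP stream preprocessor before rules are evaluated, and bound the per-flow state so an attacker cannot exhaust memory by opening many half-finished streams; the naive dictionary above has no such limit.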

Security Information and Event Management system (SIEM)

software and devices that assist in collecting, storing, and analyzing the contents of log files

Remediation

the act of fixing a known risk, threat, or vulnerability that is identified or found in an IT infrastructure

Security administration

the group of individuals responsible for planning, designing, implementing, and monitoring an organization's security plan

Certifier

the individual or team responsible for performing the security test and evaluation.

System owner

the person responsible for the daily operation of a system and for ensuring that the system continues to operate in compliance with the conditions set out by the authorizing official

Reconnaissance

the process of gathering information

Benchmark

the standard by which your computer or device is compared to determine if it's securely configured
