Advance Networking Chp. 4 & 5

Created by Ri_k91 

Upgrade to
remove ads

Vulnerability Assessment and Mitigating Attacks; Host, Application, and Data Security

The first step in a vulnerability assessment is to determine the assets that need to be protected.

True

If port 20 is available, then an attacker can assume that FTP is being used.

True

Vulnerability scans are usually performed from outside the security perimeter.

False

In an empty box test, the tester has no prior knowledge of the network infrastructure that is being tested.

False

A healthy security posture results from a sound and workable strategy toward managing risks.

True

Securing the host involves protecting the physical device itself, securing the operating system software on the system, using security-based software applications, and monitoring logs.

True

Keyed entry locks are much more difficult to defeat than deadbolt locks.

False

Cipher locks are the same as combination padlocks.

False

Data, once restricted to papers in the office filing cabinet, now flows freely both in and out of organizations, among employees, customers, contractors, and business partners.

True

When a policy violation is detected by the DLP agent, it is reported back to the DLP server.

True

The goal of ____ is to better understand who the attackers are, why they attack, and what types of attacks might occur.

Threat Modeling

A ____ in effect takes a snapshot of the current security of the organization.

vulnerability appraisal

The ____ is the expected monetary loss every time a risk occurs.

SLE

____ is the proportion of an asset's value that is likely to be destroyed by a particular risk.

Exposure Factor (EF)

____ is the probability that a risk will occur in a particular year

Annualized Rate of Occurrence (ARO)

____ is a means by which an organization can transfer the risk to a third party who can demonstrate a higher capability at managing or reducing risks.

Outsourcing

A ____ outlines the major security considerations for a system and becomes the starting point for solid security.

baseline

____ is a comparison of the present state of a system compared to its baseline.

Baseline reporting

While the code for a program is being written, it is being analyzed by a ____.

code review

The ____ for software is the code that can be executed by unauthorized users.

attack surface

When performing a vulnerability assessment, many organizations use ____ software to search a system for any port vulnerabilities.

port scanner

A(n) ____ means that the application or service assigned to that port is listening for any instructions.

open port

A(n) ____ indicates that no process is listening at this port.

Closed Port

A(n) ____ is hardware or software that captures packets to decode and analyze its contents.

protocol analyzer

A ____ is a computer typically located in an area with limited security and loaded with software and data files that appear to be authentic, yet they are actually imitations of real data files.

Honeypot

A ____ is a network set up with intentional vulnerabilities.

honeynet

A security weakness is known as a(n) ____.

vulnerability

A(n) ____ examines the current security in a passive method.

vulnerability scan

The end product of a penetration test is the penetration ____.

test report

A ____ tester has an in-depth knowledge of the network and systems being tested, including network diagrams, IP addresses, and even the source code of custom applications.

white box

Released in 1995, one of the first tools that was widely used for penetration testing was ____.

SATAN

____ are combination locks that use buttons which must be pushed in the proper sequence to open the door.

Cipher Locks

____ use multiple infrared beams that are aimed across a doorway and positioned so that as a person walks through the doorway some beams are activated.

Tailgate sensors

Instead of using a key or entering a code to open a door, a user can display a ____ to identify herself.

Physical Token

The signal from an ID badge is detected as the owner moves near a ____, which receives the signal.

proximity reader

ID badges that can be detected by a proximity reader are often fitted with tiny radio ____ tags.

RFID

Passive tags have ranges from about 1/3 inch to ____ feet.

19

A ____ is designed to separate a nonsecured area from a secured area.

mantrap

Using video cameras to transmit a signal to a specific and limited set of receivers is called ____.

CCTV

Securing a restricted area by erecting a barrier is called ____.

fencing

A ____ can be inserted into the security slot of a portable device and rotated so that the cable lock is secured to the device, while a cable connected to the lock can then be secured to a desk or immobile object.

Cable Lock

An anti-climb collar is a ____ that extends horizontally for up to 3 feet (1 meter) from the pole to prevent anyone from climbing.

spiked collar

A ____ is an independently rotating large cups affixed to the top of a fence prevent the hands of intruders from gripping the top of a fence to climb over it.

roller barrier

____ can be prewired for electrical power as well as wired network connections.

Locking Cabinet

A ____ outlines the major security considerations for a system and becomes the starting point for solid security.

baseline

In Microsoft Windows, a ____ is a collection of security configuration settings.

security template

A ____ is software that is a cumulative package of all security updates plus additional features.

service pack

In ____, a virtualized environment is created that simulates the central processing unit (CPU) and memory of the computer.

heuristic detection

A(n) ____ is hardware or software that is designed to prevent malicious packets from entering or leaving computers.

firewall

____ is a system of security tools that is used to recognize and identify data that is critical to the organization and ensure that it is protected.

DLP (Data Loss Prevention)

____ is defined as a security analysis of the transaction within its approved context.

Content inspection

Each host (desktop, wireless laptop, smartphone, gateway server) runs a local application called a ____, which is sent over the network to the devices and runs as an OS service.

DLP Agent

A systematic and methodical evaluation of the exposure of assets to attackers, forces of nature, or any other entity that is potentially harmful

Vulnerability assessment

Identify what needs to be protected

Asset identification

Identifying what the pressures are against a company

Threat evaluation

Identifying how susceptible the current protection is

Vulnerability appraisal

Identify what damages could result from the threats

Risk assessment

Identify what to do about threats

Risk mitigation

An automated software search through a system for any known security weaknesses

Vulnerability scan

Designed to actually exploit any weaknesses in systems that are vulnerable

Penetration testing

Eliminating as many security risks as possible and make the system more secure

Hardening

Use a key to open the lock from the outside

Keyed entry locks

Lock the door but have access to unlock from the outside via a small hole

Privacy locks

Lock the door from the inside but cannot be unlocked from the outside

Patio locks

Latch a door closed yet do not lock; typically used on hall and closet doors

Passage locks

Most common type of door lock for keeping out intruders, but its security is minimal

Standard keyed entry locks

Extends a solid metal bar into the door frame for extra security

Deadbolt locks

The outside is always locked, entry is by key only, and the inside lever is always unlocked

Storeroom locks

The outside can be locked or unlocked, and the inside lever is always unlocked

Classroom locks

Include a keyed cylinder in both the outside and inside knobs so that a key in either knob locks or unlocks both at the same time

Store entry double cylinder locks

Please allow access to your computer’s microphone to use Voice Recording.

Having trouble? Click here for help.

We can’t access your microphone!

Click the icon above to update your browser permissions above and try again

Example:

Reload the page to try again!

Reload

Press Cmd-0 to reset your zoom

Press Ctrl-0 to reset your zoom

It looks like your browser might be zoomed in or out. Your browser needs to be zoomed to a normal size to record audio.

Please upgrade Flash or install Chrome
to use Voice Recording.

For more help, see our troubleshooting page.

Your microphone is muted

For help fixing this issue, see this FAQ.

Star this term

You can study starred terms together

NEW! Voice Recording

Create Set