14 terms

Security Class

A(n) ____ is a network tool that collects copies of packets from the network and analyzes them.
Packet sniffer
The ____ protocol provides system-to-system authentication and data integrity verification, but does not provide secrecy for the content of a network communication.
____ attacks are a collection of brute-force methods that attempt to deduce statistical relationships between the structure of the unknown key and the ciphertext that is the output of the cryptosystem.
A ____ is a key-dependent, one-way hash function that allows only specific recipients (symmetric key holders) to access the message digest.
The ____ involves collecting information about an organization's objectives, its technical architecture, and its information security environment.
Technology ____ guides how frequently technical systems are updated, and how technical updates are approved and funded.
A(n) ____, typically prepared in the analysis phase of the SecSDLC, must be reviewed and verified prior to the development of the project plan.
The ____ examination is designed to provide CISSPs with a mechanism to demonstrate competence in the more in-depth and concentrated requirements of information security management.
System Administration, Networking, and Security Organization is better known as ____.
The information security function can be placed within the ____.
All of the above
The ____ mailing list includes announcements and discussion of an open-source IDPS.
Snort sigs
The optimum approach for escalation is based on a thorough integration of the monitoring process into the ____.
____, a level beyond vulnerability testing, is a set of security tests and evaluations that simulate attacks by a malicious external source (hacker).
Penetration testing
There are ____ common vulnerability assessment processes.