12-2

Question 1

transferring the risk to someone else

Answer 1

transference

Question 2

if the probability of the risk is very remote, or the cost of mitigation is higher than the cost of the risk being realized, you may choose to do nothing and simply accept the risk

Answer 2

acceptance

Question 3

a rating system based on attractiveness to hackers, content, and security.

Answer 3

10+10-1

Question 4

the six stages of assessing a systems security

Answer 4

patch
port
protect
policies
probe
physical

Question 5

a computer update

Answer 5

patch

Question 6

when assessing a systems security, you should check to see whether there is a procedure in place to govern routine updating of all ______________

Answer 6

patches

Question 7

_______________ means that the OS, Database system, internet browser, etcc are checked for patches

Answer 7

applying patches

Question 8

once all patches are up to datethe next step is to set up a system to ensure that they are kept __________ date

Answer 8

up to

Question 9

automated patching system solutions

Answer 9

HFNetChkPro
ZENworks Patch Management
McAfee ePolicy Orchestrator

Question 10

this system is for windows. recent version turns patching to automatic. it will only update windows. it dows not provide a way to test patches on a test machine

Answer 10

windows update

Question 11

This product is available from Shavlik ______________ Pro/LT. handles patches automatically. sold per seat license . 5 seat for $200. 100 seat for $2100.

Answer 11

HFNetChkPro

Question 12

this product is available from Microfocus

Answer 12

ZenWorks Patch Management

Question 13

hanles automated system management. it monitors the network connected to the machine. prevents rougue machines.

Answer 13

McAfee ePolicy Orchestrator

Question 14

ports 1 through _______ are assigned and used for well known ports

Answer 14

1024

Question 15

not only is it important to close unused ports , but ports for unused________

Answer 15

services