12.3 Flashcards

1
Q

AUP

A

Acceptable use policy

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

The security policy should consist of these 4 complementary documents/policies

A

Governing Policy, Technical Policies, End-User Policies; Standards, Guidelines, and Procedures.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Name thee detailed documents that are often contained in a security policy

A

Standards, Guidelines, Procedures.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

3 elements for an effective argument in Incident Response:

A

Motive, Means, Opportunity.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

The preservation of evidence, data, and details is referred to as:

A

Legal hold

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Examples of vulnerability scanners:

A

Nessus, Nmap

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Honey pot/net can be used to…

A

Act as a distraction or as a system that is extensively monitored to learn what an attacker is attempting to do on the system

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

ACL + definition

A

Access Control Lists are rules usually applied to router interfaces that specify permitted and denied traffic

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Physical security controls and devices are categorized into these two cats

A

Detection and Prevention

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Detection techniques and devices:

A

Motion detection, Video surveillance, asset tracking tags, tamper protection.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Prevention techniques and devices:

A

Badges, Biometics, Smart Cards, Key Fobs, Locks.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Steps in Network Device Hardening:

A

Changing default credentials, avoiding common passwords, upgrading firmware, patching and updating, file hashing, disabling unnecessary services, using secure protocols, generating new keys, disabling unused ports, changing the native VLAN.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Layer 2 Protections:

A

Spanning tree protections, DHCP snooping, VLAN segmentation.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly