15 D4 pt2 Flashcards

1
Q

The last step in the Analyze phase is the ___; it includes the next actions necessary to respond.

A

Course of Action (COA)

2
Q

Firewalls:

___ - has 4 layers, provides additional security for servers.

A

Dual Firewall

3
Q

Incident handling and Response:

__ - detection, analysis, and response to any event or incident.

A

Incident Handling

4
Q

__ Attacks can be malicious or non-malicious.

A

Insider

5
Q

Incident handling and Response:

__ - compilation of incident or intrusion sets with similar characteristics.

A

Incident Sets

6
Q

Incident handling and Response:

__ - occurrence having actual/potential adverse effects on an IS.

A

Incident

7
Q

A __ is a system or group of systems configured to enforce a security policy between 2 networks.

A

firewall

8
Q

Incident handling and Response:

__ - an occurrence, not yet assessed, that may affect performance of an IS.

A

Event

9
Q
Incident response categories:
Incidents:
__ - root intrusion
__ - user intrusion
__ - DoS
__ - Malicious logic
A

1 root intrusion
2 user intrusion
4 DoS
7 malicious logic

10
Q

An important principle of the Defense in Depth strategy is focused on these 3 elements:

A

People
Organizations
Technology

11
Q

Firewalls:

___ - simple and low cost; if the router is compromised, the entire network is compromised.

A

Simple Firewall with 1 Choke

12
Q

For a firewall to be effective, the following must be true:

  • All traffic must be __
  • Only __ __ is allowed to pass through
  • The __/__ is highly resistant to penetration
A
  • scanned
  • authorized traffic
  • system/host
13
Q

Firewalls:

___ - has 3 layers; if the firewall is compromised, additional protection exists.

A

Belt and Suspenders Architecture

14
Q

Firewall Types:

__ - checks packet header information, does not check packet contents.

A

Stateless packet filtering

15
Q

__, __, and __ are 3 tools that can carve files from the network.

A

Tcpxtract
Xplico
NetworkMiner

16
Q

Firewall Types:

__ - uses a combination of the other firewall techniques.

A

Hybrid

17
Q

Firewalls:

___ - Multiple NICs with one firewall for centralized security policies.

A

Multi-homed Firewall

18
Q

A combination of the below concepts represents the defense in depth model:

  • __
  • __
  • __
  • __
A
  • deploy robust KMI/PKI
  • deploy IDS to detect, evaluate, examine, and act on intrusions
  • apply perimeter protection
  • apply internal protection
19
Q

Incident handling and Response:

__ - unauthorized access to an IS.

A

Intrusion

20
Q

Firewalls:

___ - has 2 layers; if the firewall is compromised, the entire network is compromised.

A

Classic Firewall Architecture

21
Q

__ - The intent of the methodology is to help coordinate, de-conflict, and execute an incident response within minutes or hours as opposed to days or weeks.

A

Incident Handling Methodology

22
Q

Firewall Types:
__ - examines both incoming and outgoing packets and has the ability to inspect communication layers and extract relevant data.

A

Stateful packet filtering

23
Q
Benefits of an IDS/IPS:
__     __
__     __
__     __
__     __
__     __
__
A

  • Passive
  • Requires no modifications
  • Analyzes data as collected or after
  • Real-time alert notifications
  • Data gathering upon detection
  • Replay computer transmissions
  • Full suite of analytic tools
  • Can be command line or GUI
  • Interface for secure connections
  • User customizable

24
Q

Firewall Types:
__ - listens for service requests from internal clients and forwards those requests to the external network; operates in the application layer.

A

Application layer gateway/proxy

25
Q

A __ is the technical and operational impact of the incident on the organization.

A

Battle Damage Assessment (BDA)

26
Q
Incident response categories:
Event:
__ - unsuccessful access
__ - non-compliance
__ - reconnaissance
__ - investigating
__ - explained anomaly
A
3 unsuccessful access
5 non-compliance
6 reconnaissance
8 investigating
9 explained anomaly
27
Q

Incident and reportable event reporting follows 2 channels:
__ Channel - assists with incident handling and providing fixes.
__ Channel - designed to notify commanders.

A

Technical channel

Management channel

28
Q

__ hide private clients, can block dangerous URLs, filter dangerous content, check the consistency of returned content, and lag behind new services.

A

Proxies