4) Auditing and Accountability

Question 1

Evidence exists where an individual is unable to deny he or she has made a statement or taken action.

Answer 1

Nonrepudiation

Question 2

Monitors and reports malicious events.

Answer 2

Intrusion detection

Question 3

Alarms and takes actions when malicious events occur.

Answer 3

Intrusion prevention

Question 4

Penalizes for acting against the rules.

Answer 4

Deterrence

Question 5

What document do courts require for admissibility of records?

Answer 5

Chain of custody

Question 6

An employee is charged with fraud, and the company can prove in court that there are email transactions showing that the employee completed these using a digital signature. What term is being described?

Answer 6

Nonrepudiation

Question 7

The primary means to ensure accountability through technical means.

Answer 7

Auditing

Question 8

This provides us with the means to trace activities in our environment back to their source.

Answer 8

Accountability

Question 9

Refers to a situation in which sufficient evidence exists as to prevent an individual from successfully denying that he or she has made a statement, or taken an action.

Answer 9

Nonrepudiation

Question 10

Refers to elements that discourage or prevent misbehavior in out environments.

Answer 10

Deterrence

Question 11

A monitoring tool that alerts when an attack or other undesirable activity is taking place.

Answer 11

IDS

Question 12

An IDS is a monitoring tool that alerts when an attack or other undesirable activity is taking place. What does IDS stand for?

Answer 12

Intrusion detection system

Question 13

A tool that can take action based on what is happening in the environment.

Answer 13

IPS

Question 14

An IPS is a tool that can take action based on what is happening in the environment. What does IPS stand for?

Answer 14

Intrusion prevention system

Question 15

A methodical examination and review that ensures accountability through technical means.

Answer 15

Auditing

Question 16

A process that provides a history of the activities that have taken place in the environment.

Answer 16

Logging

Question 17

A subset of auditing that focuses on observing information about the environment in order to discover undesirable conditions such as failures, resource shortages, security issues, and trends.

Answer 17

Monitoring

Question 18

An activity involving the careful examination of our environment using vulnerability scanning tools in order to discover vulnerabilities.

Answer 18

Vulnerability assessment

Question 19

A more active method of finding security holes that includes using the kinds of tools attackers use to mimic an attack on out environment.

Answer 19

Penetration testing

Question 20

A well-known vulnerability scanning tool.

Answer 20

Nessus

Question 21

What process ensures compliance with applicable laws, policies, and other bodies of administrative control, and detects misuse?

Answer 21

Auditing

Question 22

___ provides us with the means to trace activities in our environment back to their source.

Answer 22

Accountability

Question 23

A surveillance video log contains a record, including the exact date and time, of an individual gaining access to his company’s office building after hours. He denies that he was there during that time, but the existence of the video log proves otherwise. What benefit of accountability does this example demonstrate?

Answer 23

Nonrepudiation

Question 24

Your organization’s network was recently the target of an attack. Fortunately, the new system you installed took action and refused traffic from the source before you even had a chance to respond. What system did you install?

Answer 24

An intrusion prevention system

Question 25

Nessus is an example of a ___ tool.

Answer 25

vulnerability scanning