4.5 Security Architecture and Tool Sets Flashcards
What are the FIVE monitoring tools analysts need to know?
MRTG (Multi Router Traffic Grapher), Nagios, SolarWinds, Cacti, NetFlow Analyzer
What is Wireshark?
A protocol analyzer or packet sniffer
What are the THREE IPS tools?
Sourcefire
Snort
Bro
What is unit testing?
The debugging performed by the programmer while coding instructions
What are the THREE categories of exploit tools?
Interception proxy
Exploit framework
Fuzzers
What error condition arises because data is not checked before input to ensure that it has an appropriate length?
Buffer overflow errors
What is the purpose of content inspection?
To search for malicious code or behavior
What are the TWO exploit framework tools analysts need to know?
Metasploit, Nexpose
What are the SIX SIEM tools analysts need to know?
ArcSight, QRadar, Splunk, AlienVault, OSSIM, Kiwi Syslog
What is Microsoft Baseline Security Analyzer?
A Microsoft application that creates security reports
What are TWO examples of input validation errors?
Buffer overflow and boundary condition errors
What is a proxy server?
A server that caches and filters content
What are the SEVEN categories of preventive tools?
IPS
Firewall
Anti-virus
Anti-malware
Enhanced Mitigation Experience Toolkit (EMET)
Web proxy
Web application firewall
Which error occurs when the length of the input data is more than the length that processor buffers can handle?
A buffer overflow
What is the most popular type of intrusion detection system (IDS)?
Network-based IDS
What are the THREE interception proxy tools analysts need to know?
Burp Suite
ZAP
Vega
What does the acronym IDS denote?
Intrusion detection system
What are the SEVEN command-line tools analysts need to know?
netstat, ping, tracert/traceroute, ipconfig/ifconfig, nslookup/dig, Sysinternals, OpenSSL
What is the difference between a password checker and a password cracker?
There is no difference; they are the same tools
What are the SIX vulnerability scanning tools analysts need to know?
Qualys, Nessus, OpenVAS, Nexpose, Nikto, Microsoft Baseline Security Analyzer
What are the TWO password cracking tools analysts need to know?
John the Ripper
Cain and Abel
What are the FIVE forensic suite tools analysts need to know?
EnCase, FTK (Forensic Toolkit), Helix, Sysinternals, Cellebrite
Which type of control is an intrusion detection system (IDS)?
Detective technical
Which type of vulnerability assessment is more likely to demonstrate the success or failure of a possible attack?
A double-blind test
What is Nessus?
A network vulnerability scanner
What are the THREE categories of analytical tools?
Vulnerability scanning
Monitoring tools
Interception proxy
What are the THREE web application firewalls (WAFs) analysts need to know?
ModSecurity
NAXSI
Imperva
What is the imaging tool analysts need to know?
dd
What are the TWO hashing tools analysts need to know?
md5sum
shasum
What is the network scanning tool analysts need to know?
Nmap
What activity provides identification of security flaws and verification of levels of existing resistance?
Penetration testing
What are the THREE fuzzer tools analysts need to know?
Untidy
Peach Fuzzer
Microsoft SDL File/Regex Fuzzer
What are the FOUR categories of forensics tools?
Forensics suites
Hashing
Password cracking
Imaging
What are the FOUR packet capture tools analysts need to know?
Wireshark
tcpdump
Network General
Aircrack-ng
Which tool obtains a visual map of the topology of your network, including all devices on the network?
A network mapper, also referred to as a network enumerator
What are the THREE firewall vendors analysts need to understand?
Cisco, Palo Alto, Check Point
Which tool should you use to retrieve the contents of a GET request: a protocol analyzer or a port scanner?
Protocol analyzer
What are the SIX categories of collective tools?
SIEM, network scanning, vulnerability scanning, packet capture, command-line utilities, IDS