Asset management

Question 1

Asset management

Answer 1

Track licenses, verify all devices are up to date, keep eye on most valuable assets, respond faster to a security problem – know where a device is, what the device is, who its assigned to.

Question 2

IDS/IPS

Answer 2

Can notify if a file has been moved or modified.

Question 3

File integrity check

Answer 3

OS’s can perform an integtriy check, if changed, it can identify and repair the modified files. Windows tool = SFC.

Question 4

Host based FW

Answer 4

Prevent anyone accessing your device or prevent an app from accessing an external network.

Question 5

Application whitelisting
Definition-
Path-
Network zone-

Answer 5

unique identifier such as a hash, a certificate from certain publishers.

Path = only run applications in these folders.

Network zone = apps can only run in this network zone.(PCI DSS zone/DMZ).

Question 6

Removeable media control

Answer 6

Windows event log shows USB media use, log filenames copied to usb drives, show who is using the usb.

Question 7

UTM/Web sec gateway is a?

Answer 7

All in one security app

Question 8

Data execution prevention

Answer 8

Windows event log shows USB media use, log filenames copied to usb drives, show who is using the usb.

Question 9

WAF

Answer 9

Views conversation between a web client and web server. Blocks against SQL Injection. Most used in PCI DSS environments. Allow or deny traffic based on expected input, not expected input is blocked due to being potentially malicious.