ch 13

Question 1

A systematic and methodical evaluation of the security posture of the enterprise
It examines the exposure to attackers, forces of nature, and any potentially harmful entity

Answer 1

Vulnerability Assessment

Question 2

Process of inventorying items with economic value

Answer 2

Asset identification

Question 3

List potential threats that come from threat agents

Answer 3

Threat evaluation

Question 4

Goal: understand attackers and their methods

Often done by constructing threat scenarios

Answer 4

Threat modeling

Question 5

Provides visual representation of potential attacks

Drawn as an inverted tree structure

Answer 5

Attack tree

Question 6

Determine current weaknesses
Takes a snapshot of current organization security
Every asset should be viewed in light of each threat

Answer 6

Vulnerability appraisal

Question 7

Determine damage that would result from an attack

Assess the likelihood that the vulnerability is a risk to organization

Answer 7

Risk assessment

Question 8

Determine what to do about risks

Determine how much risk can be tolerated

Answer 8

Risk mitigation

Question 9

Tool available to perform vulnerability assessments:

Answer 9

• Vulnerability Assessment Tools

Question 10

Involves information exchange between one system’s program and another system’s corresponding program

Answer 10

T C P/I P communication

Question 11

A unique identifier for applications and services

16 bits in length

Answer 11

• Port number

Question 12

Searches system for port vulnerabilities
Used to determine port state
Open, closed, or blocked

Answer 12

Port scanner software

Question 13

Hardware or software that captures packets to decode and analyze contents
Also known as sniffersers

Answer 13

Protocol analyzers

Question 14

A generic term for a range of products that look for vulnerabilities in networks or systems

Answer 14

Vulnerability scanners

Question 15

– sends “probes” to network devices and examine the responses received back to evaluate whether a specific device needs remediation

Answer 15

Active scanner

Question 16

– can identify the current software OS and applications being used on the network and indicate which devices might have a vulnerability

Answer 16

Passive scanner

Question 17

a computer protected by minimal security
Intentionally configured with vulnerabilities
Contains bogus data files

Answer 17

Honeypot:

Question 18

a network set up with one or more honeypots

Set up with intentional vulnerabilities

Answer 18

Honeynet

Question 19

a message that a service transmits when another program connects to it

Answer 19

Banner

Question 20

when a program is used to intentionally gather this information
Can be used as an assessment tool to perform an inventory on the services and systems operating on a server

Answer 20

Banner grabbing

Question 21

Intended to break (“crack”) the security of a system

Answer 21

Crackers

Question 22

(W P A)

Answer 22

Wi-Fi Protected Access

Question 23

Designed to test the security of a wireless L A N system by attempting to break its protections of Wi-Fi Protected Access (W P A) or W P A 2

Answer 23

Wireless cracker

Question 24

what does the cmd ping do

Answer 24

tests the network connection between two entities

Question 25

what does the cmd netstat do

Answer 25

displayed detailed information on the device communicating between each other

Question 26

what does the cmd tracert

Answer 26

shows the path that a packet takes

Question 27

what does the cmd nslookup

Answer 27

queries the DNS to obtain a specific domain name or IP address or IP address mapping

Question 28

what does the cmd dig do

Answer 28

linux command line alternative to nslookup

Question 29

what does the cmd arp

Answer 29

view and modify addresses resolution protocol cache

Question 30

what does the cmd ipconfig do

Answer 30

displayes all current TCP/IP network configuration values and refreshes DHCP and DNS settings

Question 31

what does the cms ifconfig

Answer 31

linux implimentations of ipconfig

Question 32

what does the cmd tcpdump do

Answer 32

linux command line protocol analyzer

Question 33

Nmap

Answer 33

(network mapper)

Question 34

A security vulnerability scanner that can determine which devices are connected to the network

Answer 34

Nmap (network mapper)

Question 35

A command-line alternative to Nmap | Can be used by itself or driven by other programs and scripts (read or write)

Answer 35

Netcat

Question 36

Used to replicate attacks during a vulnerability assessment | Provides a structure of exploits and monitoring tools

Answer 36

Exploitation framework

Question 37

A technology that hides the existence of data in a seemingly harmless data file, image file, audio file, or video file

Answer 37

Steganography

Question 38

Can be used to determine if data is hidden well enough to thwart unauthorized users from finding the data

Answer 38

Steganography assessment tools

Question 39

An automated software search through a system for known security weaknesses Creates a report of potential exposures Should be compared against baseline scans

Answer 39

Vulnerability scan

Question 40

A scan looks to

Answer 40

Identify vulnerabilities or security weaknesses found in the system Identify a lack of security controls that are missing to establish a secure framework Identify common misconfigurations (in hardware and software)

Question 41

attempts to actually penetrate the system to perform a simulated attack

Answer 41

Intrusive vulnerability scan

Question 42

uses only available information to hypothesize the status of the vulnerability

Answer 42

Non-intrusive vulnerability scan

Question 43

Provides credentials (username and password) to the scanner so tests for additional internal vulnerabilities can be performed

Answer 43

Credentialed vulnerability scan

Question 44

Designed to exploit system weaknesses Relies on tester’s skill, knowledge, cunning Usually conducted by independent contractor

Answer 44

• Penetration Testing

Question 45

End result: • Penetration Testing

Answer 45

penetration test report

Question 46

tester has no prior knowledge of network infrastructure

Answer 46

Black box test

Question 47

tester has in-depth knowledge of network and systems being tested

Answer 47

White box test

Question 48

some limited information has been provided to the tester

Answer 48

Gray box test

Question 49

• Penetration Testing Once inside the network | Tester attempts to perform

Answer 49

pivot (moving around inside the network)

Question 50

The state or condition of being free from public attention to the degree that you determine

Answer 50

• Privacy

Question 51

Standard techniques for mitigating and deterring attacks | Creating a security posture

Answer 51

• Secure Methodology

Question 52

Elements that make up a security posture

Answer 52

``` Initial baseline configuration Standard security checklist Systems evaluated against baseline Continuous security monitoring Regularly observe systems and networks Remediation ```

Question 53

what security goal has encryption, steganography, access controls

Answer 53

confidentiality

Question 54

what security goal has, hashing, digital signatures, certificates, nonrepudiation, tools

Answer 54

integrity

Question 55

what security goal has redundancy, fault tolerance, patching

Answer 55

safety

Question 56

Can be configured to detect attacks and sound alarms, or prevent attacks

Answer 56

Information security controls

Question 57

lock unlocks doors automatically upon failure

Answer 57

Fail-open

Question 58

lock automatically locks

Answer 58

Fail-safe

Question 59

Types of hardening techniques include

Answer 59

Protecting accounts with passwords Disabling unnecessary accounts Disabling unnecessary services Protecting management interfaces and applications

Question 60

It is important to provide information regarding events that occur So that action can be taken

Answer 60

• Reporting

Question 61

Sound warning if specific situation is occurring

Answer 61

Alarms or alerts

Question 62

Can help ensure proper data handling

Answer 62

Data sensitive labeling

Question 63

O S “delete”

Answer 63

(Purging) command

Question 64

overwriting the disk space with zeros or random data

Answer 64

Wiping

Question 65

permanently destroys the entire magnetic-based drive | By reducing or eliminating the magnetic field

Answer 65

Degaussing