Brainscape's Knowledge GenomeTM


Top Flashcards (Certified)
All Flashcards

Security+ > Ch 13 Key Terms > Flashcards

Ch 13 Key Terms Flashcards

1
Q

Hardware/Software that captures packets to decode and analyze their contents

vulnerability scanner

passive scanner

network mapping scanner

protocol analyzer

A

protocol analyzer

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

used by network admin’s for network monitoring

protocol analyzer

vulnerability scanner

active scanner

passive scanner

A

protocol analyzer

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

a range of products that look for different vulnerabilities in networks or systems

network mapping scanner

passive scanner

vulnerability scanner

active scanner

A

vulnerability scanner

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

sends probes to network devices and examines the responses received back to evaluate whether a specific device needs remediation

network mapping scanner

passive scanner

vulnerability scanner

active scanner

A

active scanner

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

can identify the current software OS’s and applications being used on the network and indicate which devices might have a vulnerability (an example would be an OS that has not been patched)

passive scanner

network mapping scanner

active scanner

vulnerability scanner

A

passive scanner

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

combines network device discovery tools and network scanners to find open ports or discover shared folders

vulnerability scanner

wireless scanner

network mapping scanner

active scanner

A

network mapping scanner

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

can discover malicious wireless network activity such as failed login attempts, record these to an event log, and alert an administrator

active scanner

passive scanner

wireless scanner

configuration compliance scanner

A

wireless scanner

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

used to evaluate and report any compliance issues related to specific inducstry guidelines

active scanner

wireless scanner

configuration compliance scanner

passive scanner

A

configuration compliance scanner

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

a comprehensive review of how an enterprise follows regulatory guidelines

configuration compliance

vulnerability scanner

passive scanner

compliance audit

A

compliance audit

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

a computer typically located in an area with limited security and loaded with software and data files that appear to be authentic but are actually imitations of real data files

honeypot

password cracker

honeynet

banner

A

honeypot

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

purpose is to invite attacks so that the attacker’s methods can be studied and that information can be used to increase network security

wireless cracker

honeypot

honeynet

banner

A

honeynet

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

a message that a service transmits when another program connects to it

password cracker

wireless cracker

banner grabbing

banner

A

banner

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

when a program intentionally gathers information such as the type of server software, the last modified date, its version number and other similar information

honeynet

banner

honeypot

banner grabbing

A

banner grabbing

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

designed to test the security of a WLAN system by attempting to break its protections of WPA or WPA2

honeynet

password cracker

explitation framework

wireless cracker

A

wireless cracker

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

intended to break the digest of a password to determine its strength

intrusive vulnerability scan

explitation framework

wireless cracker

password cracker

A

password cracker

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

a security vulnerability scanner that can determine which devices are connected to the network and the services they are running

Netcat

Nmap

penetration testing

intrusive vulnerability scan

17
Q

a command-line alternative to Nmap with additional features scanning for vulnerabilities

intrusive scan

Ifconfig

Netcat

non-intrusive scan

18
Q

used to replicate attacks during a vulnerability assessment by providing a structure of exploits and monitoring tools

explitation framework

intrusive vulnerability scan

steganography assessment tools

security assessment tools

A

explitation framework

19
Q

can be used to determine if the data is hidden well enough to thwart unauthorized users from finding the data

blackbox

steganography assessment tools

intrusive vulnerability scan

penetration testing

A

steganography assessment tools

20
Q

attempts to actually penetrate the system in order to perform a simulated attack

intrusive vulnerability scan

white box

non-intrusive vulnerability scan

penetration testing

A

intrusive vulnerability scan

21
Q

designed to exploit any weaknesses in systems that are vulnerable

blackbox

non-intrusive vulnerability scan

penetration testing

white box

A

penetration testing

22
Q

relies upon the skill, knowledge and cunning of the tester

penetration testing

gray box

black box

active reconnaissance

A

penetration testing

23
Q

the tester has not prior knowledge of the network infrastructure

green box

white box

black box

gray box

24
Q

the tester has in-depth knowledge of the network and systems being tested

black box

white box

gray box

red box

25
actively probing the system, much like an attacker would do to find information initial exploitation active reconnaissance passive reconnaissance pivot
active reconnaissance
26
the tester uses tools that do not raise any alarms passive reconnaissance intial exploitation non-intrusive vulnerability scan active reconnaissance
passive reconnaissance
27
once the tester has conducted a recon, he uses that information to determine if it provides entry to a secure network intial exploitation pivot passive reconnaissance data retention
intial exploitation
28
once inside the network, the tester moves around inside it to other resources; goal is to achieve privilege escalation passive reconnaissance data retention intial exploitation pivot
pivot
29
how long data must be kept and how it is to be secured initial baseline configuration remediation pivot data retention
data retention
30
an approach, philosophy or strategy regarding data privacy and security initial baseline configuration security posture baseline posture continuous security monitoring
security posture
31
the standard security checklist against which systems are evaluated for security posture security posture initial baseline configuration continuous security monitoring remediation
initial baseline configuration
32
continual observation of systems and networks through vulnerability scanning and pen testing continuous security monitoring security posture initial baseline configuration remediation
continuous security monitoring
33
a plan that will address vulnerabilities and how to fix them before they are exploited by attackers security posture remediation initial baseline configuration continuous security monitoring
remediation
34
overwriting the disk space with zeros or random data wiping swiping erasing degaussing
wiping
35
to permanently destroy the entire drive by reducing or eliminating the magnetic field erasing swiping degaussing wiping
degaussing

Security+ (17 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2025 Bold Learning Solutions. Terms and Conditions