Chapter 2: Monitoring and Diagnosing Networks Flashcards

1
Q

A network segment between two firewalls. One is outward facing, connected to the outside world, the other inward facing, connected to the internal network. Public-facing servers, such as web servers, are often placed in the DMZ.

A

Demilitarized Zone

2
Q

A network that functions in the same manner as a honeypot.

A

Honeynet

3
Q

A fake system designed to divert attackers from your real systems. It is often replete with logging and tracking to gather evidence.

A

Honeypot

4
Q

A broad term that applies to a wide range of systems used to manage information security.

A

Information Security Management System (ISMS)

5
Q

A system that monitors the network for possible intrusions and logs that activity.

A

Intrusion Detection System (IDS)

6
Q

A system that monitors the network for possible intrusions and logs that activity and then blocks the traffic that is suspected of being an attack.

A

Intrusion Prevention System (IPS)

7
Q

Any information that could identify a particular individual.

A

Personally Identifiable Information (PII)

8
Q

The entire network, including all security devices, is virtualized.

A

Software-Defined Network (SDN)

9
Q

A firewall that not only examines each packet but also remembers the recent previous packets.

A

Stateful Packet Inspection (SPI)

10
Q

Specifies the requirements for establishing, implementing, maintaining, and continually improving an information security management system within the context of the organization.

A

ISO/IEC 27001:2013

11
Q

Recommends best practices for initiating, implementing, and maintaining information security management systems.

A

ISO 27002

12
Q

This is an agreement on shared or divided security responsibilities between the customer and cloud provider.

A

CLD.6.3.1

13
Q

This control addresses how assets are returned or removed from the cloud when the contract is terminated.

A

CLD.8.1.5

14
Q

This control states that the cloud provider must separate the customers’ virtual environment from other customers or outside parties.

A

CLD.9.5.1

15
Q

This control states that the customer and the cloud provider both must ensure the virtual machines are hardened.

A

CLD.9.5.2

16
Q

It is solely the customer’s responsibility to define and manage administrative operations.

A

CLD.12.1.5

17
Q

The cloud provider’s capabilities must enable the customer to monitor their own cloud environment.

A

CLD.12.4.5

18
Q

The virtual network environment must be configured so that it at least meets the security policies of the physical environment.

A

CLD.13.1.4

19
Q

Defines privacy requirements in a cloud environment, particularly how the customer and cloud provider must protect personally identifiable information (PII).

A

ISO 27018

20
Q

Publishes standards for electrical power companies.

A

North American Electric Reliability Corporation (NERC)

21
Q

The source for many of the national standards in the United States.

A

National Institute of Standards and Technology (NIST)

22
Q

What are the 6 phases of the IT security life cycle?

A

Phase 1: Initiation
Phase 2: Assessment
Phase 3: Solution
Phase 4: Implementation
Phase 5: Operations
Phase 6: Closeout

23
Q

A series of standards that define procedures for implementing electronically secure industrial automation and control systems (IACSs).

A

ISA/IEC-62443

24
Q

The standard used by Visa, Mastercard, American Express, and Discover.

A

Payment Card Industry Data Security Standard (PCI-DSS)

25
Q

What includes a wide variety of resources used in web application security?

A

Open Web Application Security Project (OWASP)

26
Q

Which security zone has the most sensitive systems, with mission-critical data?

A

Secure Zone

27
Q

Which security zone contains standard workstations and servers, with typical business data and functionality?

A

General Work Zone

28
Q

Which security zone contains computers, network segments, and systems that have no highly sensitive information, and the breach of these systems would have minimal impact?

A

Low Security Zone

29
Q

Not relying on a single control to address any security threat.

A

Control Diversity

30
Q

A hardware device used to create remote access VPNs.

A

VPN concentrator

31
Q

A software application that programmatically understands relationships.

A

Correlation engine

32
Q

A method of monitoring network traffic where the switch sends a copy of all network packets seen on one port (or an entire VLAN) to another port, where the packets can be analyzed.

A

Port mirroring

33
Q

Freestanding devices that operate in a largely self-contained manner, requiring less maintenance and support than a server-based product.

A

Appliance

34
Q

A firewall that has two Network Interface Cards (NICs).

A

Dual-homed firewall

35
Q

The encryption key used in SEDs.

A

Media Encryption Key (MEK)

36
Q

The key used to decrypt the MEK.

A

Key Encryption Key (KEK)

37
Q

Dedicated processors that use cryptographic keys to perform a variety of tasks.

A

Trusted Platform Modules (TPMs)

38
Q

Devices that handle digital keys and can be used to facilitate encryption as well as authentication via digital signatures.

A

Hardware Security Modules (HSMs)

39
Q

A process whereby the BIOS or UEFI makes a cryptographic hash of the operating system boot loader and any boot devices and compares that against a stored hash.

A

Secure boot

40
Q

A security process that has to begin with some unchangeable hardware identity often stored in a TPM.

A

Root of Trust (RoT)