Chapter 3 Flashcards
What is NIST-800-82 used for?
Industrial control systems
What is NIST-800-30 used for?
U.S. standards for conducting risk assessments
What is ISO 27002 for?
International standard for implementing and maintaining information for security systems
What is ISO 27017 for?
International standard for cloud security
What is NIST 800-12 for?
General security standard
What is NIST 800-14 for?
Standard for policy development
What does OWASP do?
de facto standard for web application security
How is a network operating system determined?
The operating system running on the domain controller.
What does NIST 500-53 do?
organizes security measure into families of controls
What wireless protocols deal with IV attacks?
WEP
What is RTOS?
A real time operating system is a secure system for embedded devices
What 802.11 standard is supported in WPA2 but not WEP or WPA?
802.11i
What is the primary difference between waterfall and agile?
Agile repeats phases
What is an immutable server?
Server’s configuration cannot be changed
Proper sequence for waterfall method?
Requirements, design, implementation, testing, deployment, maintenance
Why do memory leaks happen?
Caused by failure to deallocate memory that has been allocated.
What does a static code analyzer do?
Checks to see if all memory allocation commands have a matching deallocation command.
What should you do after making a change to a system?
Regression Testing
What is the primary purpose of AH in IPsec?
Authenticate the entire packet
What does aggregation switches do?
Link aggregation switches allow you to combine the bandwidth of multiple links into one connection.
