Chapter 4: Auditing and Accountability Flashcards

1
Q

trace activities in our environment back to their source

A

accountability

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

refers to a situation in which sufficient evidence exists as to prevent an individual form successfully denying that he or she has made a statement, or taken an action

A

nonrepudiation

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

primary means to ensure accountability through technical means

A

auditing

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

gives us a history of the activities that have taken place in the environment

A

logging

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

a subset of auditing and tends to focus on observing information about the environment in question

A

monitoring

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

when an audit takes a more active route toward determining whether everything is as it should be and compliant with relevant laws, regulations, or policies

A

Assessment

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

uses vulnerability scanning tools in order to locate such vulnerabilities

A

vulnerability assessments

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

generally work by scanning the target systems discover which ports are open on them, and then interrogating each open port to find out exactly which service is listening on the port in question.

A

vulnerability scanning tools like Nessus

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

a more active method of finding security holes

A

penetration testing

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

standards used by credit card industry that lays requirements for vendors to protect customer’s data

A

Payment Card Industry (PCI) Data Security Standard

How well did you know this?
1
Not at all
2
3
4
5
Perfectly