Chapter 8 Flashcards

Question 1

Q

Threat

Answer

A

Any circumstance or event that has the potential to compromise confidentiality, integrity, or availability

Compare with risk and vulnerability

Question 2

Q

Malicious Human threats

Question 3

Q

Accidental Human Threats

Question 4

Q

Environmental Threats

Question 5

Q

Threat Assessment

Answer

A

An evaluation of potential threats

Some common types of threat assessments are environmental, man made, internal, and external

Question 6

Q

Environmental

Question 7

Q

Manmade

Question 8

Q

Internal

Question 9

Q

External

Question 10

Q

Vulnerability

Answer

A

A weakness

It can be a weakness in the hardware, the software, the configuration, or even the users operating the system

Compare with Risk and Threat

Question 11

Q

Risk Management

Answer

A

The practice of identifying, monitoring, and limiting risks to a manageable level

It includes risk response techniques, qualitative risk assessments, and quantitative risk assessments

Question 12

Q

Risk Response Techniques

Answer

A

Methods used to manage risks

Common risk response techniques are accept, transfer, avoid, and mitigate

Question 13

Q

Risk Assessment

Answer

A

A process used to identify and prioritize risks

It includes quantitative risk assessments and qualitative risk assessments

Question 14

Q

Asset Value

Answer

A

An element of a risk assessment

It identifies the value of an asset and can include any product, system, resource, or process

The value can be a specific monetary value or a subjective value

Question 15

Q

Quantitative Risk Assessment

Answer

A

A risk assessment that uses specific monetary amounts to identify cost and asset value

It then uses the SLE and ARO to calculate the ALE

Question 16

Q

SLE

Answer

A

Single loss expectancy

The monetary value of any single loss

It is used to measure risk with ALE and ARO in a quantitative risk assessment

The calculation is SLE x ARO = ALE

Question 17

Q

ARO

Answer

A

Annual (or annulaized) rate of occurance

The number of times a loss is expected to occur in a year

It is used to measure risk with ALE and SLE in a quantitative risk assessment

Question 18

Q

ALE

Answer

A

Annual (or annualized) loss expectancy

The expected loss for a year

It is used to measure risk with ARO and SLE in a quantitative risk assessment

The calculation is SLE x ARO = ALE

Question 19

Q

Qualitative Risk Assessment

Answer

A

A risk assessment that uses judgement to categorize risks

It is based on impact and likelihood of occurrence

Question 20

Q

Likelihood of Occurence

Answer

A

The probability that something will occur

It is used with impact in a qualitative risk assessment

Compare with Impact

Question 21

Q

Impact

Answer

A

The magnitude of harm related to a risk

It is the negative result of an event, such as the loss of confidentiality, integrity, or availability of a system or data

Compare with likelihood of occurrence

Question 22

Q

Web Server

Question 23

Q

Library Computer

Question 24

Q

Risk Register

Answer

A

A document listing information about risks

It typically includes risk scores along with recommended security controls to reduce the risk scores

Question 25

Q

Supply Chain Assessment

Answer

A

An evaluation of the supply chain needed to produce and sell a product

It includes raw materials and all the processes required to create and distribute a finished product

Question 26

Q

Password Cracker

Answer

A

A tool used to discover passwords

Question 27

Q

Network Scanner

Answer

A

A tool used to discover devices on a network, including their IP addresses, their operating system, along with services and protocols running on the devices

Question 28

Q

Ping Scan

Question 29

Q

ARP Ping Scan

Question 30

Q

SYN Stealth Scan

Question 31

Q

Port Scan

Question 32

Q

Service Scan

Question 33

Q

OS Detection

Question 34

Q

Network Mapping

Answer

A

A process used to discover devices on a network, including how they are connected

Question 35

Q

Wireless Scanners

Answer

A

A network scanner that scans wireless frequency bands

Scanners can help discover rogue APs and crack passwords used by wireless APs

Question 36

Q

SSIDs

Answer

A

Service set identifier is the name of a wireless network

SSIDs can be set to broadcast so users can easily see it

Disabling SSID broadcast hides it from casual users

Question 37

Q

MAC Addresses

Question 38

Q

Signal Strength

Question 39

Q

Channels

Question 40

Q

Channel Widths

Question 41

Q

Security

Question 42

Q

Vulnerability Scanner

Answer

A

A tool used to detect vulnerabilities

A scan typically identifies vulnerabilities, misconfigurations, and a lack of security controls

It passively tests security controls

Question 43

Q

Open Ports

Question 44

Q

Weak Passwords

Question 45

Q

Default Accounts and Passwords

Question 46

Q

Sensitive Data

Question 47

Q

Security and Configuration Errors

Question 48

Q

Configuration Compliance Scanner

Answer

A

A type of vulnerability scanner that verifies systems are configures correctly

It will often use a file that identifies the proper configuration for systems

Question 49

Q

Penetration Testing

Answer

A

A method of testing targeted systems to determine if vulnerabilities can be exploited

Penetration tests are intrusive

Compare with Vulnerability Scanner

Question 50

Q

Passive Reconnaissance

Answer

A

A penetration testing method used to collect information

It typically uses open-source intelligence

Compare with Active Reconnaissance

Question 51

Q

Active Reconnaissance

Answer

A

A penetration testing method used to collect information

It sends data to system and analyzes responses to gain information on the target

Compare with passive reconnaissance

Question 52

Q

Pivot

Answer

A

One of the steps in penetration testing

After escalating privileges, the tester uses additional tools to gain additional information on the exploited computer or on the network

Question 53

Q

Black Box Testing

Answer

A

A type of penetration test

Testers have zero knowledge of the environment prior to starting the test

Compare with gray box test and white box test

Question 54

Q

White Box Testing

Answer

A

A type of penetration test

Testers have full knowledge of the environment prior to starting the test

Compare with black box test and gray box test

Question 55

Q

Gray Box Testing

Answer

A

A type of penetration test

Testers have some knowledge of the environment prior to starting the test

Compare with black box test and white box test

Question 56

Q

Exploitation Frameworks

Answer

A

Tools used to store information about security vulnerabilities

They are often used by penetration testers (and attackers) to detect and exploit software

Question 57

Q

Protocol Analyzer

Answer

A

A tool used to capture network traffic

Both professionals and attackers use protocol analyzers to examine packets

A protocol analyzer can be used to view data sent in clear text

Question 58

Q

Nmap

Answer

A

A command-line tool used to scan networks

It is a type of network scanner

Question 59

Q

Netcat

Answer

A

A command-line tool used to connect to remote systems

Question 60

Q

Transferring Files

Question 61

Q

Port scanner

Question 62

Q

Application

Question 63

Q

System

Question 64

Q

Antivirus Logs

Answer 35

A

Security information and event management

A security system that attempts to look at security events throughout the organization

Answer 36

A

** Worm is a Self-replicating malware that travels through a network

Worms do not need user interaction to execute

Answer 37

A

An audit that analyzes user privileges

It identifies the privileges (rights and permissions) granted to users, and compares them against what the users need

Brainscape's Knowledge GenomeTM

Chapter 8 Flashcards

Using Risk Management Tools

Brainscape's Knowledge Genome^TM