Chapter 8 Flashcards

Using Risk Management Tools

1
Q

Threat

A

Any circumstance or event that has the potential to compromise confidentiality, integrity, or availability

Compare with risk and vulnerability

2
Q

Malicious Human threats

A

Filler

3
Q

Accidental Human Threats

A

Filler

4
Q

Environmental Threats

A

Filler

5
Q

Threat Assessment

A

An evaluation of potential threats

Some common types of threat assessments are environmental, man-made, internal, and external

6
Q

Environmental

A

Filler

7
Q

Manmade

A

Filler

8
Q

Internal

A

Filler

9
Q

External

A

Filler

10
Q

Vulnerability

A

A weakness

It can be a weakness in the hardware, the software, the configuration, or even the users operating the system

Compare with Risk and Threat

11
Q

Risk Management

A

The practice of identifying, monitoring, and limiting risks to a manageable level

It includes risk response techniques, qualitative risk assessments, and quantitative risk assessments

12
Q

Risk Response Techniques

A

Methods used to manage risks

Common risk response techniques are accept, transfer, avoid, and mitigate

13
Q

Risk Assessment

A

A process used to identify and prioritize risks

It includes quantitative risk assessments and qualitative risk assessments

14
Q

Asset Value

A

An element of a risk assessment

It identifies the value of an asset and can include any product, system, resource, or process

The value can be a specific monetary value or a subjective value

15
Q

Quantitative Risk Assessment

A

A risk assessment that uses specific monetary amounts to identify cost and asset value

It then uses the SLE and ARO to calculate the ALE

16
Q

SLE

A

Single loss expectancy

The monetary value of any single loss

It is used to measure risk with ALE and ARO in a quantitative risk assessment

The calculation is SLE x ARO = ALE

17
Q

ARO

A

Annual (or annualized) rate of occurrence

The number of times a loss is expected to occur in a year

It is used to measure risk with ALE and SLE in a quantitative risk assessment

18
Q

ALE

A

Annual (or annualized) loss expectancy

The expected loss for a year

It is used to measure risk with ARO and SLE in a quantitative risk assessment

The calculation is SLE x ARO = ALE

19
Q

Qualitative Risk Assessment

A

A risk assessment that uses judgement to categorize risks

It is based on impact and likelihood of occurrence

20
Q

Likelihood of Occurrence

A

The probability that something will occur

It is used with impact in a qualitative risk assessment

Compare with Impact

21
Q

Impact

A

The magnitude of harm related to a risk

It is the negative result of an event, such as the loss of confidentiality, integrity, or availability of a system or data

Compare with likelihood of occurrence

22
Q

Web Server

A

Filler

23
Q

Library Computer

A

Filler

24
Q

Risk Register

A

A document listing information about risks

It typically includes risk scores along with recommended security controls to reduce the risk scores

25
Q

Supply Chain Assessment

A

An evaluation of the supply chain needed to produce and sell a product

It includes raw materials and all the processes required to create and distribute a finished product

26
Q

Password Cracker

A

A tool used to discover passwords

27
Q

Network Scanner

A

A tool used to discover devices on a network, including their IP addresses, their operating systems, and the services and protocols running on them

28
Q

Ping Scan

A

Filler

29
Q

ARP Ping Scan

A

Filler

30
Q

SYN Stealth Scan

A

Filler

31
Q

Port Scan

A

Filler

32
Q

Service Scan

A

Filler

33
Q

OS Detection

A

Filler

34
Q

Network Mapping

A

A process used to discover devices on a network, including how they are connected

35
Q

Wireless Scanners

A

A network scanner that scans wireless frequency bands

Scanners can help discover rogue APs and crack passwords used by wireless APs

36
Q

SSIDs

A

Service set identifier is the name of a wireless network

SSIDs can be set to broadcast so users can easily see them

Disabling SSID broadcast hides it from casual users

37
Q

MAC Addresses

A

Filler

38
Q

Signal Strength

A

Filler

39
Q

Channels

A

Filler

40
Q

Channel Widths

A

Filler

41
Q

Security

A

Filler

42
Q

Vulnerability Scanner

A

A tool used to detect vulnerabilities

A scan typically identifies vulnerabilities, misconfigurations, and a lack of security controls

It passively tests security controls

43
Q

Open Ports

A

Filler

44
Q

Weak Passwords

A

Filler

45
Q

Default Accounts and Passwords

A

Filler

46
Q

Sensitive Data

A

Filler

47
Q

Security and Configuration Errors

A

Filler

48
Q

Configuration Compliance Scanner

A

A type of vulnerability scanner that verifies systems are configured correctly

It will often use a file that identifies the proper configuration for systems

49
Q

Penetration Testing

A

A method of testing targeted systems to determine if vulnerabilities can be exploited

Penetration tests are intrusive

Compare with Vulnerability Scanner

50
Q

Passive Reconnaissance

A

A penetration testing method used to collect information

It typically uses open-source intelligence

Compare with Active Reconnaissance

51
Q

Active Reconnaissance

A

A penetration testing method used to collect information

It sends data to a system and analyzes the responses to gain information on the target

Compare with passive reconnaissance

52
Q

Pivot

A

One of the steps in penetration testing

After escalating privileges, the tester uses additional tools to gain additional information on the exploited computer or on the network

53
Q

Black Box Testing

A

A type of penetration test

Testers have zero knowledge of the environment prior to starting the test

Compare with gray box test and white box test

54
Q

White Box Testing

A

A type of penetration test

Testers have full knowledge of the environment prior to starting the test

Compare with black box test and gray box test

55
Q

Gray Box Testing

A

A type of penetration test

Testers have some knowledge of the environment prior to starting the test

Compare with black box test and white box test

56
Q

Exploitation Frameworks

A

Tools used to store information about security vulnerabilities

They are often used by penetration testers (and attackers) to detect and exploit software

57
Q

Protocol Analyzer

A

A tool used to capture network traffic

Both professionals and attackers use protocol analyzers to examine packets

A protocol analyzer can be used to view data sent in clear text

58
Q

Nmap

A

A command-line tool used to scan networks

It is a type of network scanner

59
Q

Netcat

A

A command-line tool used to connect to remote systems

60
Q

Transferring Files

A

Filler

61
Q

Port scanner

A

Filler

62
Q

Application

A

Filler

63
Q

System

A

Filler

64
Q

Antivirus Logs

A

Filler

65
Q

Application Logs

A

Filler

66
Q

Performance Logs

A

Filler

67
Q

SIEM

A

Security information and event management

A security system that attempts to look at security events throughout the organization

68
Q

Aggregation

A

Filler

69
Q

Correlation Engine

A

Filler

70
Q

Automated Alerting

A

Filler

71
Q

Automated Triggers

A

Filler

72
Q

Time Synchronization

A

Filler

73
Q

Event Deduplication

A

Filler

74
Q

Logs/WORM

A

Note: a worm is self-replicating malware that travels through a network

Worms do not need user interaction to execute

75
Q

Permission Auditing Review

A

An audit that analyzes user privileges

It identifies the privileges (rights and permissions) granted to users, and compares them against what the users need