IS3110 CHAP 8 Flashcards
A check to see if an organization is following rules and guidelines; a vulnerability assessment check to see whether internal policies are followed.
Audit
A series of events recorded in one or more logs. It records who, what, where, and when. It can be kept in operating system logs such as the Microsoft Security log, or in application logs such as a firewall log.
Audit trail
A formal process requiring that changes be made only after they have been reviewed and submitted. This reduces outages caused by unauthorized changes.
Change management
___ testing that tries to exploit vulnerabilities. Vulnerability testing identifies potential vulnerabilities, and ___ determines if the vulnerabilities can actually be exploited. ___ can take down systems.
(All blanks are the same term)
Exploit testing
A report created by comparing the exploits that should be controlled with the exploits that are controlled. Any uncontrolled exploits represent a gap in the analysis. A ___ is often performed when an organization is trying to comply with legal requirements such as HIPAA.
Gap analysis
A security principle that grants users only the minimum rights and permissions needed to perform their job. This is similar to the need-to-know principle. However, the need-to-know principle focuses only on permissions for data, not rights.
Least-privilege principle
A security principle that grants users access only to the data they need to perform their job. This is similar to the least-privilege principle. However, the least-privilege principle includes rights and permissions, while the ___ principle focuses only on permissions for data.
Need-to-know principle
Testing performed to see if a vulnerability can be exploited. ___ is done after a vulnerability assessment. It can be invasive and can take systems down.
Penetration testing
Tactics used to trick people into revealing sensitive information or taking unsafe actions. ___ tactics include conning people over the phone or in person. It also includes phishing and other technical tactics.
Social engineering
A phishing attempt that targets a specific company. ___ looks as if it came from someone within the company and is more successful against unaware employees.
Spear phishing
A process used to identify and evaluate potential threats. The goal is to identify as many potential threats as possible. These threats are then evaluated to determine the likelihood of the threat.
Threat assessment
A database term for a group of statements that succeed as a whole; if any single statement fails, the entire ___ fails. A failed ___ is not applied to the database.
Transaction
- The two major categories of threats are human and ___.
Natural
- A threat is any activity that represents a possible danger, with the potential to affect confidentiality, integrity, or availability.
TRUE OR FALSE
FALSE
- Which of the following methods can be used to identify threats?
- Review historical data
- Perform threat modeling
- 1 & 2
- None of the above
Review historical data
Perform threat modeling
- What are some sources of internal threats? (Select all that apply)
- Disgruntled employee
- Equipment failure
- Software failure
- Data loss
Disgruntled employee
Equipment failure
Software failure
Data loss
- Which of the following choices is not considered a best practice when identifying threats?
- Verify systems operate and are controlled as expected
- Limit the scope of the assessment
- Consider threats to confidentiality, integrity, and availability
- Assume the systems have not changed since the last threat assessment
Assume the systems have not changed since the last threat assessment
- A ___ assessment is used to identify vulnerabilities within an organization.
Vulnerability
- Who should perform vulnerability assessments?
- Internal security professionals working as employees
- External security professionals hired as consultants
- Either internal or external security professionals or both
- Only the IT personnel that own the systems
Either internal or external security professionals or both
- What is the name of a common tool used to perform an automated vulnerability assessment scan?
- Wireshark
- Superscan
- Nessus
- VA Scanner
Nessus
- What is a common drawback or weakness of a vulnerability scanner?
- A high false-positive error rate
- A high false-negative error rate
- A low false-positive error rate
- A low false-negative error rate
A high false-positive error rate
- Your organization wants to check compliance with internal rules and guidelines. They want to ensure that existing policies are being followed. What should be performed?
- Threat assessment
- Gap analysis
- An audit trail
- An audit
An audit
- You want to know if users are granted the rights and permissions needed to do their job only, and no more. You should perform a(n) ___ test.
Access control
- You want to identify whether any of the discovered vulnerabilities can be exploited. What should you perform?
- Audit
- Transaction and applications test
- Functionality test
- Exploit assessment
Exploit assessment
- Your organization is governed by HIPAA. You suspect that your organization is not in compliance. What would document the differences between what is required and what is currently implemented?
- Gap analysis
- Vulnerability assessment
- Threat assessment
- Penetration test
Gap analysis
- What management program can be implemented to ensure that the configuration of systems is not modified without a formal approval?
- Configuration management
- Change management
- Gap analysis
- Process analysis
Change management
- Configuration management ensures that changes are not made to a system without formal approval.
TRUE OR FALSE
FALSE