IS3110 CHAP 8

Question 1

A check to see if an organization is following rules and guidelines. A vulnerability assessment check to see if internal policies are followed

Answer 1

Audit

Question 2

A series of events recorded in one or more logs. It records who, what, where, and when. They can be in operating system logs like the MicrosoftSecurity log, or application logs like a firewall log.

Answer 2

Audit trail

Question 3

A formal process requiring that changes be made only after they have been reviewed and submitted. This reduces outages caused by unauthorized changes.

Answer 3

Change management

Question 4

___ testing that tries to exploit vulnerabilities. Vulnerability testing identifies potential vulnerabilities, and ___ determines if the vulnerabilities can actually be exploited. ___ can take down systems.
(All blanks are the same term)

Answer 4

Exploit testing

Question 5

A report created by comparing exploits that should be controlled, with the exploits that are controlled. Any uncontrolled exploits represent a gap in analysis. A ___ is often performed when an organization is trying to comply with legal requirements such as HIPAA.

Answer 5

Gap analysis

Question 6

A security principle that grants users only the minimum rights and permissions needed to perform their job. This is similar to the need-to-know principle. However, the need-to-know principle focuses only on permissions for data, not rights.

Answer 6

Least-privilege principle

Question 7

A security principle that grants users access only to the data they need to perform their job. This is similar to the least-privilage-principle. However, the least-privilege principle includes rights and permissions, while the ___ principle focuses only on permissions for data.

Answer 7

Need-to-know principle

Question 8

Testing performed to see if a vulnerability can be exploited. ___ is done after a vulnerability assessment. It can be invasive and can take systems down.

Answer 8

Penetration testing

Question 9

Tactics used to trick people into revealing sensitive information or taking unsafe actions. ___ tactics include conning people over the phone or in person. It also includes phishing and other technical tactics.

Answer 9

Social engineering

Question 10

An attempt that targets a specific company. ___ looks as if it came from someone within the company and is more successful against unaware employees.

Answer 10

Spear phishing

Question 11

A process used to identify and evaluate potential threats. The goal is to identify as many potential threats as possible. These threats are then evaluated to determine the likelihood of the threat.

Answer 11

Threat assessment

Question 12

A database term that allows several database statements to succeed as a whole, or if any single statement fails, the entire ___ fails. A failed ___ is not applied to the database.

Answer 12

Transaction

Question 13

1. The two major categories of threats are human and ___.

Answer 13

Natural

Question 14

2. A threat is any activity that represents a possible danger, with the potential to affect confidentiality, integrity, or availability.
   TRUE OR FALSE

Answer 14

FALSE

Question 15

3. Which of the following methods can be used to identify threats?
4. Review historical data
5. Perform threat modeling
6. 1 & 2
7. None of above

Answer 15

Review historical data

Perform threat modeling

Question 16

4. What are some sources of internal threats? (Select all that apply)
5. Disgruntled employee
6. Equipment failure
7. Software failure
8. Data loss

Answer 16

Disgruntled employee
Equipment failure
Software failure
Data loss

Question 17

5. Which of the following choices is not considered a best practice when identifying threats?
6. Verify systems operate and are controlled as expected
7. Limit the scope of the assessment
8. Consider threats to confidentiality, integrity, and availability
9. Assume the systems have not changed since the last threat assessment

Answer 17

Assume the systems have not changed since the last threat assessment

Question 18

6. A ___ assessment is used to identify vulnerabilities within an organization.

Answer 18

Vulnerability

Question 19

7. Who should perform vulnerability assessments?
8. Internal security professionals working as employees
9. External security professionals hired as consultants
10. Either internal or external security professionals or both
11. Only the IT personnel that own the systems

Answer 19

Either internal or external security professionals or both

Question 20

8. What is the name of a common tool used to perform an automated vulnerability assessment scan?
9. Wireshark
10. Superscan
11. Nessus
12. VA Scanner

Answer 20

Nessus

Question 21

9. What is a common drawback or weakness of a vulnerability scanner?
10. A high false-positive error rate
11. A high false-negative error rate
12. A low false-positive error rate
13. A low false-negative error rate

Answer 21

A high false-positive error rate

Question 22

Your organization wants to check compliance with internal rules and guidelines. They want to ensure that existing policies are being followed. What should be performed?

1. Threat assessment
2. Gap analysis
3. An audit trail
4. An audit

Answer 22

An audit

Question 23

11. You want to know if users are granted the rights and permissions needed to do their job only, and no more. You should perform a(n) ___ test.

Answer 23

Access control

Question 24

12. You want to identify if any of the discovered vulnerabilities can be expiated. What should you perform?
13. Audit
14. Transaction and applications test
15. Functionality test
16. Exploit assessment

Answer 24

Exploit assessment

Question 25

13. Your organization is governed by HIPAA. You suspect that your organization is not in compliance. What would document the differences between what is required and what is currently implemented?
14. Gap analysis
15. Vulnerability assessment
16. Threat assessment
17. Penetration test

Answer 25

Gap analysis

Question 26

14. What management program can be implemented to ensure that the configuration of systems is not modified without a formal approval?
15. Configuration management
16. Change management
17. Gap analysis
18. Process analysis

Answer 26

Change management

Question 27

15. Configuration management ensures that changes are not made to a system without formal approval.
    TRUE OR FALSE

Answer 27

FALSE