IS3340 CHAPTER 7 Flashcards

1
Q

An evaluation of a collection of one or more objects is called an ___?

A

AUDIT

2
Q

A collection of configuration settings often collected and saved for the purposes of comparing to other similar collections of configuration settings is called ___?
A structured collection, or collection of specific item versions.

A

BASELINE

3
Q

An easy-to-use tool that evaluates the current security state of computers in accordance with Microsoft security recommendations is called __?

A

MICROSOFT BASELINE SECURITY ANALYZER (MBSA)

4
Q

A graphical user interface framework that provides a centralized method to manage software components on Windows computers is called ___?

A

MICROSOFT MANAGEMENT CONSOLE (MMC)

5
Q

A security scanner from Shavlik that scans and analyzes the patch status of products MBSA does not support is called ___?
This also has a Limited version.

A

NETCHK PROTECT

6
Q

A consumer-based vulnerability scanner from Secunia that searches for vulnerable or out-of-date programs and plug-ins is called ___?
This runs in a Web browser and does not need to be installed on the computer it is scanning.

A

ONLINE SOFTWARE INSPECTOR (OSI)

7
Q

The process of comparing real computer configurations with known baselines for the purpose of documenting the pertinent differences with secure settings and similarities to insecure settings is called ___?

A

PROFILING

8
Q

A tool that helps administrators to analyze a computer and compare its configuration settings against a baseline is called ___?

A

SECURITY CONFIGURATION AND ANALYSIS (SCA)

9
Q

A text file that contains a list of configuration settings is called ___?

A

SECURITY TEMPLATE

10
Q

An administrative program designed to run in the MMC is called ___?

A

SNAP-IN

11
Q

A baseline is the initial settings in a newly installed system.
TRUE OR FALSE

A

FALSE

12
Q

A baseline, also called a ___, is a collection of settings at a specific point in time.

A

Snapshot

13
Q

Which Microsoft tool analyzes a computer’s settings and compares its configuration to a baseline?
  1. SCA
  2. MBSA
  3. NetChk
  4. OSI

A

SCA

14
Q

The settings that comprise a baseline are stored in which type of files?
  1. Baseline configuration
  2. Baseline database
  3. Security template
  4. Security object

A

Security template

15
Q

The Security Configuration and Analysis tool operates as a snap-in to the ___?

A

MMC

16
Q

Which command line tool provides the same scanning capability as SCA?
  1. secedit
  2. mbsacli
  3. scacli
  4. mbsaedit

A

secedit

17
Q

Which of the following products does MBSA NOT analyze?
  1. IIS
  2. SQL Server
  3. Adobe Acrobat
  4. Windows 7

A

Adobe Acrobat

18
Q

MBSA automatically ranks vulnerabilities by severity.

TRUE OR FALSE

A

TRUE

19
Q

Which command line tool provides the same scanning capability as MBSA?
  1. secedit
  2. mbsacli
  3. scacli
  4. mbsaedit

A

.

20
Q

Which security scanner looks for weak passwords?
  1. SCA
  2. OSI
  3. NetChk Protect
  4. MBSA

A

MBSA

21
Q

What does NetChk Protect Limited do that MBSA does not do?
  1. Scans the latest Microsoft products
  2. Scans legacy Microsoft products
  3. Scans all Microsoft products
  4. Scans selected Microsoft products

A

Scans legacy Microsoft products

22
Q

Which security scanner runs in a Web browser and doesn’t require that you install a product before scanning?
  1. NetChk Protect Limited
  2. MBSA
  3. OSI
  4. PSI

A

OSI

23
Q

Which of the following statements best describes the relationship between profiling and auditing?
  1. Auditing is often a part of profiling
  2. Profiling is often a part of auditing
  3. Profiling and auditing are interchangeable terms
  4. If auditing is in place, profiling is not necessary

A

Profiling is often a part of auditing

24
Q

When designing an audit strategy, you should log access attempts on the ___ number of objects.

A

Minimum

25
Q

What is the main purpose of an audit?
  1. Uncover problems
  2. Catch errors
  3. Validate compliance
  4. Standardize configurations

A

Validate compliance