L03

Question 1

Vulnerability Management Life Cycle

Answer 1

Question 2

Risk Management

Answer 2

Does not mean removing all risk, but implementing the following:

• identify the risk
• measure the risk (how likely is it?, how serious would it be?
• monitor and report the risk
• control the risk
• audit and adjust the risk management process

Question 3

Patch Deployment

Answer 3

Software code is written to solve a software issues

Question 4

Manual Protection of Vulnerabilites

Answer 4

Network managers/technicians take steps to remove or reduce the vulnerability.

Question 5

Automated Tools used for Protection of Vulnerabilites

Answer 5

Tools can identify and repair vulnerabilities without human intervention.

Question 6

Hardware Resources

Answer 6

servers, computers, tablets, printers, scanners, plotters, cameras

Question 7

Software Resources

Answer 7

word processors, databases, spreadsheets, utilities, bespoke software, financial packages etc.

Question 8

Communication Equipment

Answer 8

hubs, routers, bridges, gateways, modems, cabling, telephone systems

Question 9

Information and Data

Answer 9

customer data, employee records, contract data, financial reports, production figures, production costs, sales figures, marketing information

Question 10

Vulnerability assessment

Answer 10

Tools to discover which vulnerabilities are present, but they do not differentiate between flaws that can be exploited to cause damage and those that cannot.

Vulnerability scanners alert companies to the pre-existing flaws in their code and where they are located.

Question 11

Penetration test

Answer 11

is an authorised simulated attack on a computer system that looks for security weaknesses, potentially gaining access to the system’s features and data.

Question 12

Honeypot

Answer 12

A honeypot is a computer or computer system intended to mimic likely targets of cyberattacks. It can be used to detect attacks or deflect them from a legitimate target.

It can also be used to gain information about how cybercriminals operate.

Question 13

Fuzz testing

Answer 13

software testing technique used to discover coding errors and security loopholes in software, operating systems or networks by inputting massive amounts of random data, called fuzz, to the system in an attempt to make it crash.

Question 14

Sandboxing

Answer 14

is an isolated computing environment in which a program or file can be executed without affecting the application in which it runs. Sandboxes are used by software developers to test new programming code.

Question 15

Asset

Answer 15

anything of value owned by an individual or organisation

Question 16

Biometrics

Answer 16

Means the identification of individuals by using their biological characteristics or body parts. These include fingerprints, retinal or iris scans or facial recognition.

Question 17

Software controls

Answer 17

any computer program designed to enhance information security and defend computers against intrusion (malware) and unauthorized access.

· Firewalls

· Anti-malware

· Operating system updates

· Patch management

Question 18

Intrusion Detection System (IDS)

Answer 18

is a device or software application that monitors a network or systems for malicious activity or policy violations and notifies the relavant managers of a potential intrusion

Question 19

Network Intrusion Detection System (NDIS)

Answer 19

installed only at specific points such as servers that interface between the outside environment and the network segment to be protected.

Question 20

Host Intrusion Detection System (HDIS)

Answer 20

are methods of security management for computers, e.g. anti-threat applications such as firewalls, antivirus software and spyware-detection programs are installed on every network computer that has two-way access to the outside environment such as the Internet.

Question 21

Intrusion Prevention Systems (IPS)

Answer 21

Devices or programs that detect attempts at intrusion and take action to prevent them.

Question 22

Encryption

Answer 22

The translation of data into a secret code. Encryption is the most effective way to achieve data security. To read an encrypted file, you must have access to a secret key or password that enables you to decrypt it. Unencrypted data is called plain text ; encrypted data is referred to as cipher text.

Question 23

Asymmetric encryption

Answer 23

A public key is made freely available to anyone who might want to send you a message. A second, private key is kept secret, so that only you know it.

Question 24

Symmetric encryption

Answer 24

As long as both sender and recipient know the secret key, they can encrypt and decrypt all messages that use this key.

Question 25

Bring your own device (BYOD)

Answer 25

Refers to the policy of permitting employees to bring personally owned devices (laptops, tablets, and smart phones) to their workplace, and to use those devices to access privileged company information and applications.

Question 26

Procedures and Policies

Answer 26

• Acceptable use
• Email policy
• Password protection policy
• Disaster recovery plan

Question 27

Cryptography

Answer 27

Is a method of storing and transmitting data in a particular form so that only those for whom it is intended can read and process it.

Techniques such as microdots, merging words with images, and other ways to hide information in storage or transit.