Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

SecEng > Misconfiguration > Flashcards

Misconfiguration Flashcards

1
Q

What are the main factors which make secure configuration difficult?

A

Personal factors: lack of knowledge, lack of experience, other priorities
Environmental factors: Sole responsibility, insufficient Q/A, Time pressure
System factors: Usage of defaults, complexity of the system, legacy support

Also: imprecise laws!

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What is the idea behind SCAP (Security Content Automation Protocol) and what are its main components?

A

Idea: standard to enable automated vulnerability management, measurement, and policy compliance evaluation
Components:
- Common Vulnerabilities and Exposures (CVE)
- Extensible Configuration Checklist Description Format (XCCDF)
- Open Vulnerability and Assessment Language (OVAL)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What is the idea behind the center for internet security (CIS)?

A
  • publishes security configuration guides (CIS workbench)

- users can contribute to benchmarks by adding rules / changing rules

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What are some open problems with security configuration?

A
  • how to automate the process? some approaches: OpenSCAP (Linux), Scapolite (Windows)
  • how to track differences between CIS guides and our policies
How well did you know this?
1
Not at all
2
3
4
5
Perfectly

SecEng (20 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions