Mitigation Techniques 2.5 Flashcards

1
Q

Patching

A
  • Replacement code supplied by the vendor or developer.
  • Designed to correct problems or vulnerabilities in software that is already deployed.
  • A way to prevent an attack by removing the flaw before it can be exploited.
2
Q

Encryption

A
  • Secures data so that anyone who obtains the storage (on this system or another) cannot read it without the key.
  • Prevents access to application data files by an attacker who reaches the file system but does not hold the key.
3
Q

Encrypting File System (EFS)

A
  • Security feature of Windows (NTFS volumes).
  • Enables transparent encryption/decryption of individual files and folders for the user who encrypted them; the per-file keys are protected with that user's EFS certificate.
4
Q

Full Disk Encryption (FDE)

A
  • Encrypts an entire disk or volume rather than individual files.
  • Protects all the contents of the disk while it is powered off or locked; once the system is booted and unlocked, the OS and applications see plaintext, so FDE does not protect against a logged-in attacker or malware.
5
Q

Application Data Encryption

A
  • Encryption is managed by the application itself: it encrypts data before writing it and decrypts after reading it.
  • Stored data is protected even where the file system or disk is readable (for example on a booted, unlocked FDE system), as long as the key is kept away from the data.
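The card above describes application-managed encryption only in outline. The following is an added example (not code from the flashcard deck or any product it names) showing what that looks like in practice: the application seals each record with AES-256-GCM before storing it, binds the record to its ID so ciphertexts cannot be swapped, and refuses to return data whose bytes or key do not match. The record content and the `customer:17` label are constructed sample input.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
)

// NewKey returns a fresh 256-bit AES key. In a real application the key comes
// from a KMS, an OS keystore, or is derived from a user secret; it must never
// sit next to the data it protects, or the encryption adds nothing.
func NewKey() ([]byte, error) {
	key := make([]byte, 32)
	if _, err := rand.Read(key); err != nil {
		return nil, err
	}
	return key, nil
}

// Seal encrypts one record with AES-256-GCM. The result is nonce || ciphertext || tag,
// which is the only thing the application writes to its data file or database.
// aad (e.g. the record ID) is authenticated but not encrypted, so a ciphertext
// copied from another record fails to open.
func Seal(key, plaintext, aad []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return gcm.Seal(nonce, nonce, plaintext, aad), nil
}

// Open reverses Seal. Any change to the stored bytes, a wrong key, or a wrong
// aad makes the GCM tag check fail and returns an error instead of garbage.
func Open(key, stored, aad []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	if len(stored) < gcm.NonceSize() {
		return nil, errors.New("stored record too short to contain a nonce")
	}
	nonce, ct := stored[:gcm.NonceSize()], stored[gcm.NonceSize():]
	return gcm.Open(nil, nonce, ct, aad)
}

func main() {
	key, err := NewKey()
	if err != nil {
		panic(err)
	}
	record := []byte(`{"card":"4111111111111111","exp":"12/29"}`) // constructed sample record
	stored, err := Seal(key, record, []byte("customer:17"))
	if err != nil {
		panic(err)
	}
	fmt.Printf("stored %d bytes on disk, first 8: %x\n", len(stored), stored[:8])
	stored[len(stored)-1] ^= 0x01 // simulate someone editing the file on disk
	if _, err := Open(key, stored, []byte("customer:17")); err != nil {
		fmt.Println("tampered record rejected:", err)
	}
}
```

The point the card makes is visible in the code: the disk only ever holds `stored`, and nothing on the disk or in the file system can turn it back into the record without `key`, which the application supplies from elsewhere.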
6
Q

Monitoring

A
  • A way to identify security events.
  • Aggregates information from devices.
  • Built in to a device or external to it.
7
Q

Sensors

A
  • Capture data and act upon it.
  • Can report what is observed.
  • Can use multiple readings to match a pattern and create an event.
  • Act based on prescribed rules.
8
Q

Network Based Sensors

A
  • Provide coverage across multiple machines.
  • Limited to the traffic the network actually routes past them (switching, VLANs, and asymmetric paths can hide packets from the sensor).
  • Limited in their ability to make precise decisions about content, especially when the traffic is encrypted.
9
Q

Host-Based Sensors

A
  • Provide more specific and accurate information in relation to what the host machine is seeing and doing.
  • Limited to just that host.
10
Q

Collectors

A
  • Sensors, or concentrators that combine multiple sensors.
  • Collect data for processing by other systems.
11
Q

Examples of Collectors

A
  • Proprietary consoles, SIEM consoles, syslog servers
12
Q

Security Information and Event Management SIEM

A
  • Collects, aggregates, and applies pattern matching to large volumes of data.
  • Turns raw tables of data into meaningful, actionable information.
  • A central source of monitoring data.
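Cards 7, 11 and 12 describe sensors turning multiple readings into an event and the SIEM applying pattern matching to collected data. The following is an added example, not part of the flashcard deck or any SIEM product, of that correlation step: sshd failure lines as a syslog collector would receive them are parsed into readings, grouped by source address, and one event is raised when a source produces five or more failures inside a sliding one-minute window. The log lines, hostnames and addresses are constructed sample data.

```go
package main

import (
	"fmt"
	"regexp"
	"sort"
	"strings"
	"time"
)

// Constructed sample log lines (not real data) as forwarded by several hosts
// to a syslog server or SIEM collector.
const sampleLogs = `2024-05-01T10:00:01Z web01 sshd[2112]: Failed password for invalid user admin from 203.0.113.9 port 50211 ssh2
2024-05-01T10:00:04Z web01 sshd[2113]: Failed password for root from 203.0.113.9 port 50212 ssh2
2024-05-01T10:00:07Z db01 sshd[881]: Failed password for root from 203.0.113.9 port 50213 ssh2
2024-05-01T10:00:09Z web02 sshd[417]: Failed password for invalid user oracle from 203.0.113.9 port 50214 ssh2
2024-05-01T10:00:12Z web01 sshd[2114]: Failed password for root from 203.0.113.9 port 50215 ssh2
2024-05-01T10:00:15Z web01 sshd[2115]: Accepted password for alice from 198.51.100.4 port 41022 ssh2
2024-05-01T10:07:30Z db01 sshd[900]: Failed password for root from 198.51.100.4 port 41030 ssh2
2024-05-01T10:09:00Z db01 sshd[901]: Failed password for root from 198.51.100.4 port 41031 ssh2
`

// Reading is one parsed sensor observation: a single failed login.
type Reading struct {
	When   time.Time
	Host   string
	Source string
}

// Event is what the SIEM raises once enough readings match the pattern.
type Event struct {
	Source string
	Count  int
	Hosts  []string
	First  time.Time
	Last   time.Time
}

var failedRe = regexp.MustCompile(`^(\S+) (\S+) sshd\[\d+\]: Failed password for .* from (\S+) port`)

// parseReadings turns raw lines into readings, silently skipping lines that
// are not failed-password records (the collector keeps those for other rules).
func parseReadings(raw string) []Reading {
	var out []Reading
	for _, line := range strings.Split(strings.TrimSpace(raw), "\n") {
		m := failedRe.FindStringSubmatch(line)
		if m == nil {
			continue
		}
		t, err := time.Parse(time.RFC3339, m[1])
		if err != nil {
			continue
		}
		out = append(out, Reading{When: t, Host: m[2], Source: m[3]})
	}
	return out
}

// correlate groups readings by source address and raises one event for each
// source that produced at least threshold failures inside a sliding window.
func correlate(readings []Reading, threshold int, window time.Duration) []Event {
	bySource := map[string][]Reading{}
	for _, r := range readings {
		bySource[r.Source] = append(bySource[r.Source], r)
	}
	var events []Event
	for src, rs := range bySource {
		sort.Slice(rs, func(i, j int) bool { return rs[i].When.Before(rs[j].When) })
		start := 0
		for end := range rs {
			// Slide start forward until rs[start..end] fits inside the window.
			for rs[end].When.Sub(rs[start].When) > window {
				start++
			}
			if end-start+1 < threshold {
				continue
			}
			hostSet := map[string]bool{}
			for _, r := range rs[start : end+1] {
				hostSet[r.Host] = true
			}
			var hosts []string
			for h := range hostSet {
				hosts = append(hosts, h)
			}
			sort.Strings(hosts)
			events = append(events, Event{Source: src, Count: end - start + 1, Hosts: hosts, First: rs[start].When, Last: rs[end].When})
			break // one event per source; a real SIEM would also suppress repeats
		}
	}
	return events
}

func main() {
	for _, e := range correlate(parseReadings(sampleLogs), 5, time.Minute) {
		fmt.Printf("ALERT brute force from %s: %d failures across %v between %s and %s\n",
			e.Source, e.Count, e.Hosts, e.First.Format(time.RFC3339), e.Last.Format(time.RFC3339))
	}
}
```

With the sample above, 203.0.113.9 produces one event spanning three hosts, which no single host-based sensor would have seen as a pattern; 198.51.100.4 stays below the threshold and generates nothing.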
13
Q

Least Privilege

A
  • Giving users access only to the information and systems they need to perform their duties.
  • Rights and permissions are set to the bare minimum.
  • Limits the scope of malicious behavior, whether by a compromised account or a malicious insider.
14
Q

Configuration Enforcement

A
  • Enforces a required configuration on a system before it is allowed onto the network.
  • Checks that the OS is patched and that the firewall, antivirus software, and other required security features are present and up to date.
15
Q

If System is Out-of-Date According to Configuration Enforcement Procedures

A
  • Systems are quarantined.
  • Moved to a private VLAN with access limited to the update and remediation servers needed to bring the system up to date.
  • Recheck the system after making corrections; it is admitted only once the checks pass.
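Cards 14 and 15 describe configuration enforcement as a procedure: check the joining host against a baseline, quarantine it to a remediation VLAN if it fails, fix it, and recheck. The following is an added example, not code from the flashcard deck or any NAC product, that runs that loop over constructed sample hosts. The posture fields, the `PatchServer` that stands in for what the quarantine VLAN can reach, and the OS names and patch levels are all assumptions made for the example.

```go
package main

import "fmt"

// Posture is what a host reports (or a NAC agent collects) when it joins.
type Posture struct {
	Host           string
	OS             string
	OSPatchLevel   int // patch level installed, as reported by the host
	FirewallOn     bool
	AVRunning      bool
	AVSignatureAge int // days since antivirus signatures were last updated
}

// Baseline is the configuration the network requires before granting access.
type Baseline struct {
	MinPatchLevel   int
	MaxAVSigAgeDays int
}

// PatchServer is the only service reachable from the quarantine VLAN in this
// example; Available holds the newest patch level it can deliver per OS.
type PatchServer struct {
	Available map[string]int
}

type Decision string

const (
	Admit      Decision = "admit"      // production VLAN
	Quarantine Decision = "quarantine" // private remediation VLAN only
)

// Evaluate compares a host's posture with the baseline and returns the
// decision plus every check that failed, so remediation knows what to fix.
func Evaluate(p Posture, b Baseline) (Decision, []string) {
	var failures []string
	if p.OSPatchLevel < b.MinPatchLevel {
		failures = append(failures, fmt.Sprintf("OS patch level %d below required %d", p.OSPatchLevel, b.MinPatchLevel))
	}
	if !p.FirewallOn {
		failures = append(failures, "host firewall disabled")
	}
	switch {
	case !p.AVRunning:
		failures = append(failures, "antivirus not running")
	case p.AVSignatureAge > b.MaxAVSigAgeDays:
		failures = append(failures, fmt.Sprintf("antivirus signatures %d days old, limit %d", p.AVSignatureAge, b.MaxAVSigAgeDays))
	}
	if len(failures) > 0 {
		return Quarantine, failures
	}
	return Admit, nil
}

// Remediate models what the quarantine VLAN allows: the agent re-enables local
// protections and pulls whatever the patch server has for this OS. It cannot
// invent patches the server does not have, which is why the recheck matters.
func Remediate(p Posture, srv PatchServer) Posture {
	p.FirewallOn = true
	p.AVRunning = true
	p.AVSignatureAge = 0
	if avail, ok := srv.Available[p.OS]; ok && avail > p.OSPatchLevel {
		p.OSPatchLevel = avail
	}
	return p
}

// AdmitWithRecheck is the enforcement loop from the cards: evaluate, quarantine
// and remediate if needed, then recheck. maxRounds bounds the loop so a host
// that cannot be brought up to date stays quarantined instead of looping.
func AdmitWithRecheck(p Posture, b Baseline, srv PatchServer, maxRounds int) (Decision, []string) {
	d, failed := Evaluate(p, b)
	for round := 0; d == Quarantine && round < maxRounds; round++ {
		p = Remediate(p, srv)
		d, failed = Evaluate(p, b)
	}
	return d, failed
}

func main() {
	baseline := Baseline{MinPatchLevel: 42, MaxAVSigAgeDays: 7}
	srv := PatchServer{Available: map[string]int{"win11": 45, "win7": 30}} // constructed
	hosts := []Posture{ // constructed sample hosts
		{Host: "lap01", OS: "win11", OSPatchLevel: 40, FirewallOn: false, AVRunning: true, AVSignatureAge: 12},
		{Host: "kiosk7", OS: "win7", OSPatchLevel: 30, FirewallOn: true, AVRunning: true, AVSignatureAge: 0},
		{Host: "desk22", OS: "win11", OSPatchLevel: 42, FirewallOn: true, AVRunning: true, AVSignatureAge: 7},
	}
	for _, h := range hosts {
		d, failed := AdmitWithRecheck(h, baseline, srv, 3)
		fmt.Printf("%-7s -> %-10s %v\n", h.Host, d, failed)
	}
}
```

The sample run shows the three outcomes the procedure produces: `lap01` fails three checks, is remediated in quarantine and admitted on recheck; `kiosk7` runs an OS the patch server cannot bring to the required level, so every recheck fails and it stays quarantined; `desk22` already meets the baseline and is admitted directly.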
16
Q

Decommissioning

A
  • Mostly associated with storage devices such as hard drives, SSDs, and USB drives, because they may still hold recoverable data.
  • The point at which a system or device is no longer needed and is retired.
17
Q

Options When Decommissioning

A
  • Recycle the device for use in another system (after sanitizing it so no previous data remains).
  • Destroy the device completely.