Security Operations

Question 1

Identifies any unacceptable deviation from expected behavior based on actual traffic structure.

Answer 1

Traffic Anomaly-based IDS

Question 2

Science of hiding information

Answer 2

Steganography

Question 3

Analyzes event data by comparing it to typical, known, or predicted traffic profiles in an effort to find potential security breaches.

Answer 3

Statistical Anomaly-based IDS

Question 4

Credential cards with one or more microchip processing that accepts or processes information & can be contact or contactless.

Answer 4

Smart Cards

Question 5

Accounts used to provide privileged access used by system services & core applications.

Answer 5

Service Accounts

Question 6

Group of technologies which aggregate information about access controls & selected system activity to store for analysis & correlation.

Answer 6

Security Information & Event Management (SIEM)

Question 7

A form of software virtualization that lets programs & processes run in their own isolated virtual environment.

Answer 7

Sandboxing

Question 8

Lock or latch typically mounted on the surface of a door, typically associated with a dead bolt type of lock.

Answer 8

Rim Lock

Question 9

Measure of the existing magnetic field on the media after degaussing

Answer 9

Remanence

Question 10

A suite of technologies aimed at stemming the loss of sensitive information that occurs in the enterprise.

Answer 10

Data Loss Prevention (DLP)

Question 11

Discipline for evaluating, coordinating, approving or disapproving, & implementing changes in artifacts that are used to construct & maintain software systems.

Answer 11

Configuration Management

Question 12

Lock controlled by touch screen, typically 5-10 digits that when pushed in the right combination the lock will release & allows entry.

Answer 12

Cipher Lock

Question 13

The who, what, when, where, and how the evidence was handled - from its identification through its entire life cycle, which ends with destruction, permanent archiving, or returning to owner.

Answer 13

Chain of Custody

Question 14

Devices that use a magnetic field or mechanical contact to determine if an alarm signal is initiated.

Answer 14

Balanced Magnetic Switch (BMS)

Question 15

Accounts that are assigned only to named individuals that require Admin access to the system to perform maintenance activities, & should be different & separate from a user’s normal account.

Answer 15

Admin Accounts

Question 16

Device that uses passive listening devices

Answer 16

Acoustic Sensors

Question 17

Technology that alerts organizations to adverse or unwanted activity.

Answer 17

Intrusion Detection Systems (IDS)

Question 18

Provide a quick way to disable a key by permitting one turn of the master key to change a lock

Answer 18

Instant Keys

Question 19

A focused Infrared (IR) light beam is projected from an emitter & bounced off of a reflector that is placed at the other side of the detection area.

Answer 19

Infrared Linear Beam Sensors

Question 20

Practice of monitoring & potentially restricting the flow of information outbound from one network to another.

Answer 20

Egress Filtering

Question 21

States that when a crime is committed, the perpetrators leave something behind & take something with them, hence the exchange.

Answer 21

Locard’s Exchange Principle

Question 22

Data that are dynamic & exist in running processes or other volatile locations (RAM) that disappear in a relatively short time once the system is powered down.

Answer 22

Live Evidence

Question 23

Two or more honeypots on a network

Answer 23

Honeynet

Question 24

A centralized collection of honeypots & analysis tools

Answer 24

Honeyfarm

Question 25

Decoy servers or systems setup to gather information regarding an attacker or intruder into your system.

Answer 25

Honeypot

Question 26

A technology that monitors activity like an IDS but will automatically take proactive preventative action if it detects unacceptable activity.

Answer 26

Intrusion Prevention Systems (IPS)

Question 27

The party-to-party litigation costs resulting from its breach of warranties.

Answer 27

Indemnification

Question 28

Essential activities to protect business information & can be established in compliance with laws, regulations, or corporate governance.

Answer 28

Records & Information Management (RIM)

Question 29

Use embedded antenna wires connected to a chip within the card through RF.

Answer 29

Proximity Cards

Question 30

Identifies any unacceptable deviation from expected behavior based on known network protocols.

Answer 30

Protocol Anomaly-Based IDS

Question 31

Accounts granted greater privileges than normal user accounts when it is necessary for the user to have greater control over the system, but where Admin access is not required.

Answer 31

Power Users

Question 32

A lock or latch that is recessed into the edge of a door, rather than being mounted to its surface.

Answer 32

Mortise Lock

Question 33

Consists of a magnetically sensitive strip fused onto the surface of a PVC material, like a credit card.

Answer 33

Magnetic Stripe Cards

Question 34

Send induced radio frequency (RF) signals down a cable that is attached to the fence fabric.

Answer 34

Time Domain Reflectometry (TDR)