12-5

Question 1

this is another eay to use scanning tool for windows. downloaded from Major Geeks. enables you to monitor all open TCP and UDP ports on the local computer. maps ports to the owning application so you can watch which process has been opened.

Answer 1

Active ports

Question 2

reports all open TCP/IP and UDP ports and maps them to owning application

Answer 2

Fport

Question 3

a windows program that will show you detailed listing of all TCP and UDP endpoints on your system including remote address and state of TCP connections.

Answer 3

TCPView

Question 4

port scanner originally from Foundstone now distributed by McAfee

Answer 4

Superscan

Question 5

not the most robust vulnerability assessment tool, but it has an easy-to-use interface. you can scan on a machine or many others. prints out a report.

Answer 5

Microsoft baseline security analyzer

Question 6

offers basic system enumeration

Answer 6

NSA auditor

Question 7

most popular port scanner out there

Answer 7

NMAP

Question 8

the most common list of vulnerabilities maintained by the MITRE corporation. its the most common and most comprehensive list. allows security professionals to communicate effectively about vulnerabilities.

Answer 8

CVE ( common Vulnerability Exposures )

Question 9

maintains a database of vulnerabilities that you can access at NVD. also uses CVE format.

Answer 9

NIST National institute of Standards and Technology

Question 10

standard for web application security.

Answer 10

owasp

Question 11

a way of evaluating security of a network, looking at all aspects. it looks at security as a three-dimensional cube. the three dimensions are goals, information states, and safeguards, describe next.

Answer 11

McCumber Cube

Question 12

three goals of cybersecurity

Answer 12

CIA

Question 13

information states

Answer 13

storage
transmission
processing

Question 14

information security safeguards

Answer 14

policy and practices
human factors
technology