1.7 Security Assessment Techniques Flashcards

1
Q

Threat hunting is a game of cat and mouse. Why is it important to fight back against the adversaries?

A

Intelligence data is reactive. You can’t stop an attack off of info alone.

2
Q

This is the process of combining multiple sources of intelligence in order to analyze massive amounts of data and find correlations.

A

Intelligence fusion

3
Q

What are the 3 main steps of intelligence fusion?

A

Collect the data

Add external sources

Correlate with big data analytics

4
Q

This process involves moving firewalls, operating systems, setting firewall rules, and more to combat the constant change from multiple enemy fronts in the cyber realm.

A

Cybersecurity maneuvers

5
Q

Less invasive than penetration testing. Involves scanning things like port security in order to detect possible vulnerabilities in your systems.

A

Vulnerability scanning

6
Q

Name the 4 main vulnerability scan types and their purposes.

A

Non-intrusive - gather info

Intrusive - exploit a vulnerability

Non-credentialed - emulates external

Credentialed - internal threat

7
Q

This is what happens when a vulnerability scan indicates a problem when there really wasn’t one.

A

False positive

8
Q

This is when a vulnerability does exist but your scanner does not detect it.

A

False Negative

9
Q

What's the best way to mitigate vulnerabilities without having to use a vulnerability scanner?

A

Configuration reviews

10
Q

The process for logging security events and information.

A

Security information and event management (SIEM)

11
Q

This is the standard used for security message logging, often integrated into a SIEM server. Requires lots of disk space to store logs.

A

Syslog

12
Q

Name a few data inputs that are logged through SIEM.

A

– Server authentication attempts
– VPN connections
– Firewall session logs
– Denied outbound traffic flows
– Network utilizations
– Packet captures

13
Q

This method has the goal of taking manual tasks in security management and automating them.

A

Security orchestration, automation, and response (SOAR)

14
Q

What is one of the biggest advantages of implementing SOAR for security management?

A

It is much faster and changes take place immediately
