1.7 - Security Assessments Flashcards

1
Q

Define Threat Hunting.

A

The practice of proactively searching for cyber threats that are lurking undetected in a network.

2
Q

Define Vulnerability Scans.

A

The process of identifying security weaknesses and flaws in systems and software running on them. They are usually minimally invasive. This is not the same as a penetration test.

3
Q

Define Port Scan.

A

A vulnerability scan that focuses on ports. It can discover vulnerable ports that are open.

4
Q

Define a Non-Intrusive scan.

A

A type of vulnerability scan that gathers information but does not try to exploit vulnerabilities.

5
Q

Define an Intrusive Scan.

A

A type of vulnerability scan that focuses on exploiting vulnerabilities.

6
Q

Define a Non-Credentialed scan.

A

A type of vulnerability scan that attempts to gain access from the perspective of someone who does not have access to the network.

7
Q

Define a Credentialed scan.

A

A type of vulnerability scan that attempts to emulate an insider attack (an attack from someone who does have access to the network).

8
Q

List some of the places that a Vulnerability Scan could find vulnerabilities.

A

1) Applications
2) Web Applications
3) Network (devices, firmware, ports, etc.)

9
Q

Where can you go to do Vulnerability Research?

A

1) National Vulnerability Database
2) Common Vulnerabilities and Exposures (CVE)
3) Microsoft Security Bulletins

10
Q

What might a Vulnerability Scan find?

A

1) Lack of Security Controls
2) Misconfigurations
3) Real Vulnerabilities

11
Q

Define Security Information and Event Management (SIEM).

A

A database that logs security events and information. It can link diverse data types. It allows for forensic analysis.

12
Q

Define Syslog (System logging protocol).

A

A protocol that facilitates the transfer of information from network devices to a central server, known as a syslog server, in a particular message format.

13
Q

Define Security Monitoring.

A

Involves collecting and analyzing information to detect suspicious behavior or unauthorized system changes on your network, defining which types of behavior should trigger alerts, and taking action on alerts as needed.
