Chapter 2: Monitoring and Diagnosing Networks

Question 1

A network segment between two firewalls. One is outward facing, connected to the outside world, the other inward facing, connected to the internal network. Public-facing servers, such as web servers, are often placed in this.

Answer 1

Demilitarized Zone (DMZ)

Question 2

A network that functions in the same manner as a honeypot.

Answer 2

Honeynet

Question 3

A fake system designed to divert attackers from our real systems. It is often replete with logging and tracking to gather evidence.

Answer 3

Honeypot

Question 4

A broad term that applies to a wide range of systems used to manage information security.

Answer 4

Information Security Management System (ISMS)

Question 5

A system that monitors the network for possible intrusions and logs that activity.

Answer 5

Intrusion Detection System (IDS)

Question 6

Any information that could identify a particular individual.

Answer 6

Personally Identifiable Information (PII)

Question 7

The entire network, including all security devices, is virtualized.

Answer 7

Software-Defined Network (SDN)

Question 8

A firewall that not only examines each packet but also remembers the recent previous packets.

Answer 8

Stateful Packet Inspection (SPI)

Question 9

Which ISO standard is a guidance for cloud security?

Answer 9

ISO 27017

Question 10

What seven controls does ISO 27017 add to ISO 27002?

Answer 10

• CLD.6.3.1
• CLD.8.1.5
• CLD.9.5.1
• CLD.9.5.2
• CLD.12.1.5
• CLD.12.4.5
• CLD.13.1.4

Question 11

This is an agreement on shared or divided security responsibilities between the customer and cloud provider.

Answer 11

CLD.6.3.1

Question 12

This control addresses how assets are returned or removed from the cloud when the contact is terminated.

Answer 12

CLD.8.1.5

Question 13

This control states that the cloud provider must separate the customers’ virtual environment from other customers or outside parties.

Answer 13

CLD.9.5.1

Question 14

This control states that the customer and the cloud provider both must ensure the virtual machines are hardened.

Answer 14

CLD.9.5.2

Question 15

Control that states it is solely the customer’s responsibility to define and manage administrative operations.

Answer 15

CLD.12.1.5

Question 16

The cloud provider’s capabilities must enable the customer to monitor their cloud environment.

Answer 16

CLD.12.4.5

Question 17

The virtual network environment must be configured so that it least meets the security policies of the physical environment.

Answer 17

CLD.13.1.4

Question 18

Corporation that publishes standards for electrical power companies.

Answer 18

North American Electric Reliability Corporation (NERC)