Chapter 2 - Monitoring Networks Flashcards Preview

CompTIA Security+ > Chapter 2 - Monitoring Networks > Flashcards

Flashcards in Chapter 2 - Monitoring Networks Deck (25):
1

Rene

What were originally introduced to help troubleshoot network problems?

page 46.
Network Monitors, AKA sniffers

2

What is Promiscuous Mode?

page 46.
Simply means that the network card looks at any packet that it sees on the network, even if that packet is not addressed to the network.

3

What log contains various events logged by applications or programs?

page 47.
Application Log

4

Which log has successful and unsuccessful logon attempts and records events related to resource use, such as creating, opening or deleting files or other objects?

page 47.
Security Log

5

What are the options in Event Viewer that allow you to perform certain actions?

page 51.
Saving the log file (in evt, txt or csv format), opening saved logs, filtering the log file, and viewing or changing properties.

6

What is Hardening?

page 52.
A general process of making certain that the operating system itself is as secure as it can be.

7

True or False
Part of OS Hardening is disabling unnecessary services.

page 53
True

8

What is RPC?

page 53
Remote Procedure Call
Is a programming interface that allows a remote computer to run programs on a local machine.

9

True or False
It is considered a security best practice to remove unneeded software.

page 55
True

10

What is a patch?

page 56
An update to a system. Sometimes a patch adds new functionality; in other cases, it corrects a bug in the software.

11

What are the three types of patches?

page 57
Service Pack
Updates
Security Updates

12

What is IDS?

page 64
Intrusion Detection System
Focused on detecting intrusions

13

What is IPS?

page 64
Intrusion Prevention System
Focused on preventing intrusions

14

How does a "Honeypot" work?

page 64
Draws attackers away from higher-value systems or allows administrators to gain intelligence about an attack strategy.

15

How does a "Honeynet" work?

page 64
Creates a synthetic network that can be run on a single computer system and is attached to a network using a normal Network Interface Card (NIC).

16

What is the process of luring someone into your plan or trap, by using free stuff or a challenge?

page 65
Enticement

17

What is the process in which a law enforcement officer or a government agent encourages or induces a person to commit a crime when the potential criminal expresses a desire not to go ahead?

page 65
Entrapment

18

True or False
Enticement and Entrapment are both legal in the US, but not legal in Canada.

page 65
False

19

What are Alarms?

page 63
Are indications that there is an ongoing CURRENT problem.

20

What are Alerts?

page 63
Are issues to which you need to pay attention, but are not about to bring the system down at any moment.

21

What are Trends?

page 63
Trends in threats. Example:
Over the last month, spear phishing attacks have been increasing.

22

What are Security Audits and what do they include?

page 62
An integral part of continuous security monitoring. They include:
* Review of security logs
* Review of policies and compliance with policies
* A check of security device configuration
* Review of incident response reports

23

What are the settings for Remediation Policy?

page 62
* Minor
* Serious
* Critical

24

What are methods of Securing the Network?

page 60
Using the following concepts:
* MAC Limiting and Filtering
* 802.1X
* Disable Unused Ports
* Rogue Machine Detection

25

What types of accounts should you disable?

page 58
* Employees who have left the company
* Temporary Employees
* Default Guest Accounts