IS3340 CHAPTER 10 Flashcards Preview

IS3340 SEC. STRAT. IN WINDOWS PLATFORM & APPS. > IS3340 CHAPTER 10 > Flashcards

Flashcards in IS3340 CHAPTER 10 Deck (22):
1

The components, including people, information, and conditions, that support business objectives is called ___?

BUSINESS DRIVERS

2

The process of ensuring that the items in each domain of the IT infrastructure meet or exceed security goals is called ___?

COMPLIANCE

3

A quality method indicating a continuous process consisting of four repeating steps and is known as ___ or ____? (PDCA)

DEMING CYCLE/PLAN-DO-CHECK-ACT (PDCA)

4

The ongoing attention and care an organization places on security and compliance is called ___?

DUE DILIGENCE

5

A network device or software that can analyze traffic and detect a potential intrusion based on traffic patterns is called ___?

INTRUSION DETECTION SYSTEM (IDS)

6

A network device or software that can analyze traffic and detect a potential intrusion based on traffic patterns and can also change firewall rules in real time to prevent further damage from an attack is called ___?

INTRUSION PREVENTION SYSTEM (IPS)

7

A shortened unique string of digits that represents a file or message is called ___?

MESSAGE DIGEST

8

The process of implementing the security controls within the IT infrastructure is called ___?

SECURITY ADMINISTRATION

9

1. Security administration is the process of developing an organization's security policy.
TRUE OR FALSE

FALSE

10

2. What is the most important feature of PDCA?

1. PDCA was developed for security administration
2. PDCAis a Microsoft standard
3. PDCA repeats and does not end
4. PDCA was developed by Dr. Deming

PDCA repeats and does not end

11

3. which of the following activities would a security administrator be LEAST likely to do?

1. Monitor log files
2. Deliver AUP training
3. Keep software up to date
4. Enforce physical security controls

Deliver AUP training

12

4. If time to recover exceeds the recovery goal, which property of security have you violated?

1. Availability
2. Integrity
3. Confidentiality
4. Consistency

Availability

13

5. Which of the following devices or software programs can detect intrusions? (Select two)

1. Firewall
2. IDS
3. IPS
4. NAT

IDS
IPS

14

6. A valid backup is an integral part of your ___ and ___.

Business Continuity Plan (BCP) and Disaster Recovery Plan (DRP)

15

7. Protecting both integrity and confidentiality depend largely on knowing a user's identity.
TRUE OR FALSE

TRUE

16

8. A DACL is used primarily to enforce which security properties? (Select two)

1. Integrity
2. Consistency
3. Confidentiality
4. Availability

Integrity

Confidentiality

17

9. You can use the ___ tool to ensure your Microsoft operating system is up to date and has all patches and service packs installed.

MBDA

18

10. Active directory requires that you create multiple GPOs, one for each computer.
TRUE OR FALSE

FALSE

19

11. Which of the following terms is best described as a collection of requirements users must meet, typically within a specific system or environment?

1. Security policy
2. Security standard
3. Security procedure
4. Security guideline

Security standard

20

12. Which type of Windows component would you use to define which users can create files in a folder?

1. DACL
2. NAT
3. User right
4. IPSec rule

DACL

21

13. Which tool would you sue to edit the setting that disables user-installed desktop gadgets for all users?

1. Local Group Policy Editor
2. MBSA
3. GPMC
4. Performance Monitor

GPMC

22

14. Microsoft provides a command line utility for creating backups on Windows Server 2008 and Windows 7.
TRUE OR FALSE

TRUE