IS4550 CHAPTER 10 Flashcards
An implementation technique to control access to a resource by maintaining a table of authorized user IDs is called ___.
ACCESS CONTROL LIST (ACL)
Software or plug-ins that run within a client browser, usually when visiting certain Web sites is called ___.
ACTIVE CONTENT
The act of recording relevant security events that occur on a computing or network device (server, workstation, firewall, etc.) This can also refer to a review of business and financial processes and files by an auditor is called ___.
AUDIT
The process of removing unnecessary software on a server or workstation, turning off unneeded network ports and services, and preventing users from changing a machine’s configuration is called ___.
HOST HARDENING
A series of software agents, appliances, and servers that monitor for network activity that is deemed a threat, alerts, administrators, and logs the information. They operate by matching signatures of known poodle network attack traffic or by building over time a baseline of normal behavior then alerting on traffic that is anomalous to that normal pattern of behavior and is called ___.
INTRUSION DETECTION SYSTEM (IDS)
A system that intercepts potentially hostile activity prior to it being process is called ___.
INTRUSION PREVENTION SYSTEM (IPS)
An application firewall that is used to control the flow of traffic to and from the Internet to user workstations attached to a local area network. It intercepts the user’s request for an Internet resource, initiates a new connection, and proxies the result back to the requestor and is called ___.
USER PROXY
Automated information services over the Internet using standardized technologies and formats/protocols that simplify the exchange and integration of data. This helps organizations to inter-operate regardless of the types of operating systems, programming languages, and databases being used and is called ___.
WEB SERVICES
- The steps to implement security controls on a firewall would be documented within which of the following?
- Policy
- Control standard
- Baseline standard
- Procedure
Procedure
- A DMZ separates a LAN from which of the following?
- Phone network
- Internet network
- Cellular network
- VoIP network
Internet network
- Visitor control is an aspect of which of the following?
- Network security
- Personnel security
- Workstation security
- Physical security
Physical security
- Which of the following can you use to segment LANs?
- Routers and firewalls
- Routers and gateways
- Gateways and servers
- Servers and workstations
Routers and firewalls
- Without a policy that leads to controls that restrict employees from installing their own software on a company workstation, a company could suffer which of the following consequences?
- Malware on the network
- Lawsuits from software licensing issues
- Loss of productivity
- All the above
Malware on the network
Lawsuits from software licensing issues
Loss of productivity
- Good sources for security policies and standards include which of the following?
- US Government
- Private companies selling standards
- Professional organizations
- Vendors
- All the above
US Government
Private companies selling standards
Professional organizations
Vendors
- Two-factor authentication is a typical control used by employees to remotely access which of the following?
- Workstation
- LAN
- DMZ Web site
- WAN
LAN
