Test Flashcards

1
Q

Layer 1

A

Physical

2
Q

Layer 2

A

Data Link

3
Q

Layer 3

A

Network

4
Q

Layer 4

A

Transport

5
Q

Layer 5

A

Session

6
Q

Layer 6

A

Presentation

7
Q

Layer 7

A

Application

8
Q

Bit

A

Physical

9
Q

Frame

A

Data link

10
Q

Packet

A

Network

11
Q

Segment

A

Transport

12
Q

Data

A

Session
Presentation
Application

13
Q

The ________ defines the electrical and physical specifications of the data connection.

A

Physical Layer

14
Q

The ________ provides node-to-node data transfer—a link between two directly connected nodes.

A

Data Link Layer

15
Q

The _______ provides the functional and procedural means of transferring variable-length data sequences (called datagrams) from one node to another connected to the same “network”.

A

Network Layer

16
Q

The __________ provides the functional and procedural means of transferring variable-length data sequences from a source to a destination host via one or more networks, while maintaining the quality of service functions.

A

transport layer

17
Q

The ________ controls the dialogues (connections) between computers.

A

session layer

18
Q

The ____________ establishes context between application-layer entities, in which the application-layer entities may use different syntax and semantics if the presentation service provides a mapping between them.

A

presentation layer

19
Q

The __________ is the OSI layer closest to the end user, which means both the OSI application layer and the user interact directly with the software application.

A

application layer

20
Q

To transmit bits over a medium; to provide mechanical and electrical specifications

A

Physical

21
Q

To organize bits into frames; to provide hop to hop delivery

A

Data link

22
Q

To move packets from source to destination to provide internetworking

A

Network

23
Q

To provide reliable process to process message delivery and error recovery

A

Transport

24
Q

To establish, manage and terminate sessions

A

sessions

25
Q

to translate, encrypt and compress data

A

presentation

26
Q

to allow access to network resources

A

application

27
Q

If a source host wishes to use an IP application such as active HTTP for instance, it selects a port number which is greater than 1023 and connects to the destination station on port 80.

A

3 - way handshake

28
Q

Actively manage (inventory, track & correct) all hardware devices on the network so that only authorized devices are given access, and unauthorized & unmanaged devices are found and prevented from gaining access.

A

Inventory of Authorized & Unauthorized Devices.

Organizations should implement and enforce:
• Change management
• Source control
• Restrict access to APIs
• Automated server discovery

29
Q

Actively manage (inventory, track & correct) all software on the network so that only authorized software is installed and can execute, and that unauthorized & unmanaged software is found and prevented from installation or execution.

A

Inventory of Authorized & Unauthorized Software

Organizations should implement and enforce:
• Change management
• Source control
• Integrity monitoring

30
Q

Establish, implement, and actively manage (track, report on, correct) the security configuration of laptops, servers, workstations using a rigorous configuration management and change control process in order to prevent attackers from exploiting vulnerable services and settings.

A

Secure Configurations for Hardware & Software on Mobile Devices, Laptops, Workstations, & Servers

Organizations should implement & enforce:
• Change management
• Source control
• Integrity monitoring

31
Q

Continuously acquire, assess, and take action on new information in order to identify vulnerabilities, remediate, & minimize the window of opportunity for attackers.

A

Continuous Vulnerability Assessment & Remediation

Organizations should implement & enforce:
• Scans as part of deployment
• Intrusion prevention
• Patch management

32
Q

The processes and tools used to track/control/prevent/correct the use, assignment, and configuration of administrative privileges on computers, networks, and applications.

A

Controlled Use of Administrative Privileges

Organizations should implement & enforce:
• Principle of least privilege
• Regular review of access
• Log inspection

33
Q

Collect, manage, and analyze audit logs of events that could help detect, understand, or recover from an attack.

A

Maintenance, Monitoring, & Analysis of Audit Logs

Organizations should implement & enforce:
• Centralized logging
• SIEM (Deep Security)
• Log inspection

34
Q

Minimize the attack surface and the opportunities for attackers to manipulate human behavior through their interaction with web browsers & email systems.

A

Email and Web Browser Protections

Organizations should implement & enforce
• Regular endpoint patching 
• Anti-malware protection 
• Web reputation services 
• Intrusion prevention
35
Q

Manage (track/control/correct) the ongoing operational use of ports, protocols, and services on networked devices in order to minimize windows of vulnerability available to attackers.

A

Limitation and Control of Network Ports, Protocols, and Services

Organizations should implement & enforce:	
• Application control
• Secure OS configuration
• Intrusion prevention
• Firewall
36
Q

The processes and tools used to properly back up critical information with a proven methodology for timely recovery of it.

A

Data Recovery Capability

Organizations should implement & enforce:
• Regular automated Backup and/or snapshots
• Test restoration

37
Q

Establish, implement, and actively manage (track, report on, correct) the security configuration of network infrastructure devices using a rigorous configuration management and change control process

A

Secure Configurations for Network Devices

Organizations should implement & enforce
• Route tables
• Network access control lists
• Security groups

38
Q

Detect/prevent/correct the flow of information transferring networks of different trust levels with a focus on security-damaging data.

A

Boundary Defense

Organizations should implement & enforce
• Good network design
• Intrusion prevention
• Firewall

39
Q

The processes and tools used to prevent data exfiltration, mitigate the effects of exfiltrated data, and ensure the privacy and integrity of sensitive information.

A

Data Protection

Organizations should implement & enforce:
• Strict access control
• Intrusion prevention (enabling lateral movement detection)

40
Q

The processes and tools used to track/control/prevent/correct secure access to critical assets according to the formal determination of which persons, computers, and applications have a need and right to access these critical assets based on an approved classification.

A

Controlled Access Based on the Need to Know

Organizations should implement & enforce
• Good network design 
• Change management 
• Asset management 
• Log inspection 
• Firewall
41
Q

file transfer protocol

A

port 20, 21

42
Q

simple mail transfer protocol

e.g., Outlook

A

port 25

43
Q

Domain Name service

A

port 53

44
Q

Hypertext transfer protocol secured

A

port 445

45
Q

hypertext transfer protocol

A

port 80

46
Q

Actively manage the life cycle of system and application accounts – their creation, use, dormancy, deletion – in order to minimize opportunities for attackers to leverage them.

A

Account Monitoring & Control

Organizations should implement & enforce
• No shared accounts
• Log inspection

47
Q

For all functional roles in the organization, identify the specific knowledge, skills, and abilities needed to support defense of the enterprise.

A

Security Skills Assessment & Appropriate Training to Fill Gaps

Organizations should implement & enforce
• A culture of security that spans all functions
• A business strategy that is secure by design

48
Q

Protect the organization’s information, as well as its reputation, by developing and implementing an incident response infrastructure for quickly discovering an attack and then effectively containing the damage, eradicating the attacker’s presence, and restoring the integrity of the network and systems.

A

Incident Response Management

Organizations should implement & enforce
• Clear, easy-to-follow process
• Simple communications flow
• Repeatable procedures

49
Q

Test the overall strength of an organization’s defenses (the technology, the processes, and the people) by simulating the objectives and actions of an attacker.

A

Penetration Tests & Red Team Exercises

Organizations should provide:
• Scope of engagement
• Permission from CSP