IS372-Chapter8

0.0(0)
studied byStudied by 1 person
0.0(0)
full-widthCall Kai
learnLearn
examPractice Test
spaced repetitionSpaced Repetition
heart puzzleMatch
flashcardsFlashcards
GameKnowt Play
Card Sorting

1/21

encourage image

There's no tags or description

Looks like no tags are added yet.

Study Analytics
Name
Mastery
Learn
Test
Matching
Spaced

No study sessions yet.

22 Terms

1
New cards

The two major categories of threats are human and _____

natural

2
New cards

True or False: A threat is any activity that represents a possible danger, with the potential to affect confidentiality integrity or accessibility

True

3
New cards

Which of the following methods can be used to identify threats

Threat Modeling and reviewing historical data

4
New cards

What are some examples of internal threats (select the best answer)

Disgruntled employee, data loss

5
New cards

A(n) ______ assessment is used to identify vulnerabilities within and organization

vulnerability

6
New cards

Who should perform vulnerability assessments

Either internal or external security professionals or both

7
New cards

What is the name of a tool commonly used for vulnerability assessment scans

nessus

8
New cards

an org wants to check compliance with internal rules and guidelines to ensure that existing policies are being followed what should be performed ?

audit

9
New cards

a business wants to know whether its users are granted the rights and permissoins to their job and no more a(n) _____ test should be performed

access control

10
New cards

a business wants to know whether any of the discovered vulnerabilities can be exploited what should be performed

exploit assessment

11
New cards

An organization that is governed by HIPAA wants to know whether it is in compliance what would document the differences between what is required and what is not currently implemented

gap analysis

12
New cards

What sort of IDs is only installed on a specific system

Host based IDs

13
New cards

True or False: An IDs may employ machine learning algorithms to detect unknown malware attacks

True

14
New cards

A _____ assessment identifies and evaluates potential threats

threat

15
New cards

What is the common characteristic between risk and threat assessments

time

16
New cards

Risk = ___ x ___

Threat, Vulnerability

17
New cards

True or False: Natural threats are man made

False

18
New cards

Why are access controls important

To make sure not everyone has admin permissions over something

19
New cards

_________ are a series of events recorded in one or more audit logs 

audit logs 

20
New cards

____ testing tests individual systems for vulnerabilities

system

21
New cards

The first step of an exploit assessment is to perform a ___ test

vulnerability

22
New cards

A(n) ____ can be used to mitigate SYN floods

IDs