*Chapter 18 Quiz (ITN101) - Network Operations

End users are probably the primary source of security problems for any organization. (T/F)

True

International export controls restrict the export of some kinds of hardware and software—along with more obvious things like weapons—to specific countries. (T/F)

True

Which two tools dominate the vulnerability testing arena?

Nessus and OpenVAS

Business continuity handles everything related to recovering infrastructure from a disaster except incidents that require moving part of the organization's business offsite. (T/F)

False

Firmware updates enable programming upgrades that make network devices more efficient, more secure, and more robust. (T/F)

True

Business continuity planning deals with the concept of backup sites. (T/F)

True

Which individual will examine an infrastructure to find existing vulnerabilities and, instead of hurting the infrastructure, report findings so that an administrator can further harden the network?

white hat hacker

If an incident can no longer be contained, causing significant damage or danger to the immediate infrastructure, it is covered under __________.

disaster recovery

Which tool is a port scanner?

Nmap

Anything that negatively affects an organization, that hurts or compromises its people, systems, or ability to function as an entity, is a(n) ____________________.

incident

The main method by which a first responder secures an area is by having their presence at the scene. (T/F)

True

The cornerstone of incident response is the incident response team. (T/F)

True

The __________ defines who may access the network, how they may access the network, and what they can access.

network access policy

Which tool is considered to be the go-to tool for pentesting?

Metasploit

Which term is used to represent the amount of time it takes to fix a system after it fails?

mean time to repair

Which document defines the duties parties commit to perform for each other and a time frame for the commitment?

memorandum of understanding (MOU)

By following good patch management procedures, you can roll back or downgrade by removing a patch. (T/F)

True

Upon arriving at an incident site involving a forensic situation, a first responder's first task is to turn off all computers. (T/F)

False

Every asset has some weakness that makes it potentially susceptible to a threat. (T/F)

True

Which is a legal document that prohibits the signer from disclosing any company secrets learned as part of his or her job?

nondisclosure agreement (NDA)

Which term is used for all the customized settings for a router, switch, load balancer, intrusion detection/prevention system (IDS/IPS), firewall, or other network device?

configuration data

The ____________________ factor indicates the length of time a device is expected to last in operation.

mean time to failure

Which written document defines how an organization will protect its IT infrastructure?

security policy

Which secondary location will generally take more than a few days to bring online?

cold

Most restored systems have some amount of lost data based on when the last backup took place. (T/F)

True

Which term is used to represent the manufacturer's best guess (based on historical data) regarding how much time will pass between major failures of a component?

mean time between failures

Which secondary location lacks current data and may not have functioning Internet/network links?

warm

A proper assessment of a backup plan records how much data might be lost and how long it would take to restore. (T/F)

True

From the standpoint of a first responder, the most important item to keep in mind about chain of custody is notifying the police. (T/F)

False

Which tool is an open-source tool for penetration testing pretty much every aspect of wireless networks?

Aircrack-ng

Which type of backups are really just redundant servers?

real-time