Security Tools (sec +)


18 Terms

1

SCAP (Security Content Automation Protocol)

framework to automate vulnerability management and compliance reporting

2

Benchmarks

standard guidelines for configuring systems securely and consistently

3

Agent

a software program installed on a system that collects data, monitors activity, or enforces security policies

4

Agentless

a method of monitoring or scanning systems without installing software, typically by accessing data remotely

5

Agentless Checks

remotely checks systems without installing agents

6

Log Aggregation

collecting logs from multiple sources into one place

7

Long-Term Storage

keeping logs/events for a long time for compliance or investigation

8

Data Correlation

connecting data from multiple sources to find patterns or threats

9

Forensic Analysis

analyzing logs/data to investigate security incidents

10

DLP (Data Loss Prevention)

a strategy to stop sensitive data from leaving an organization's control by identifying, monitoring, and protecting it

11

SNMP (Simple Network Management Protocol)

an application-layer protocol used to monitor and manage IP network devices like routers, switches, servers, and printers from a central management system

12

MIB (Management Information Base)

database for managing network devices via SNMP

13

OIDs (Object Identifiers)

unique numerical strings used to identify specific MIB objects for SNMP management and monitoring

14

UDP/161

port number used for SNMP communications, allowing devices to send and receive management data.

15

SNMP traps

an asynchronous notification sent from a managed device (Agent) to a management station (Manager) to report an immediate, critical event

16

NetFlow

a standard protocol for collecting IP traffic metadata (not the content itself) on a router or switch

17

Probe and Collector

the probe watches network communication and gets summary records, which are then sent to the collector

18

Vulnerability Scanners

automated software that scans systems against a CVE database to identify known security flaws (vulnerabilities, misconfigurations, or missing patches)