4.2 behavioral approach

type of security involving thecapturing and analyzing communications between a user on a local network and a user on a remote network. Any behavioral changes indicate anomalies and potential threats.

behavior-based security

a behavior-based detection tool that lures attackers by appealing to their attack patterns. Once the attacker falls for the trick, the network administrator can log and analyze the data to build better defenses against the attacker. Think of how female intelligence operatives may use their beauty to recruit spies

honeypot

Cisco’s security architecture tool uses behavior-based detection to discover the attacker’s identity, the type of attack, where the attack originates from, and how the attack is taking place.

Ciscos Cyber Threat Defense Solution Architecture

technology used in conjunction with routers, firewalls, and switches to collect data flowing to a network, including the users and devices on the network. The information is sent to netflow collectors who analyze the data to establish baseline behaviors

netflow

assessing a system for vulnerabilities by exploiting systems, networks, people, processes, and code to improve an organization’s security posture.

penetration testing

what step in the pen testing process involves planning an attack by gathering information on a target’s system or network to exploit vulnerabilities. This step is also known as footprinting

step 1

which step of the pen testing process involves conducting active reconnaissance of a target’s system or network to identify vulnerabilities for exploitation

step 2

which step of the pen testing process involves gaining access to the system to collect network traffic by exploiting vulnerabilities

step 3

which step of the pen testing process involves maintaining undetected access to a target’s system or network to discover exploitable vulnerabilities and collect valuable data

step 4

what step in the pen testing process involves writing report

step 5 or the final step

another term for step 1 of the pen testing process

footprinting

the process of contiguously identifying and analyzing risks to mitigate the impact of threats and vulnerabilities

risk management

risks can be mitigated by assessing the blank vs the blank

impact of threat vs the cost of utilizing controls to mitigate it.

first step of the risk management process involves identifying threats that can increase risk and may include processes, products, and potential disruption

frame the risk

the second step of the risk management process involves assessing the severity of a threat through quantitative or qualitative analysis

assessing the risk

the third step of the risk management process involves developing an action plan to reduce the impact of risk and identifying where risk can be eliminated, mitigated, accepted, or transferred

respond to risk

fourth and final step of the risk management process involves continuously monitoring risks reduced through elimination, mitigation, acceptance, or transference.

monitor the risk