Practice Test Questions I got Wrong or terms IDK

0.0(0)
studied byStudied by 0 people
GameKnowt Play
learnLearn
examPractice Test
spaced repetitionSpaced Repetition
heart puzzleMatch
flashcardsFlashcards
Card Sorting

1/20

encourage image

There's no tags or description

Looks like no tags are added yet.

Study Analytics
Name
Mastery
Learn
Test
Matching
Spaced

No study sessions yet.

21 Terms

1
New cards

Which describes technical security controls?

Sometimes called logical security controls, Executed by computer systems (instead of people), Implemented with technology

2
New cards

Which are examples of technical security controls? (not preventative)

Encryption, IDSs, Firewalls (not preventative)

3
New cards

Examples of managerial security controls include:

Organizational security policy, Security awareness training, Risk assessments

4
New cards

Examples of operational security controls?

Configuration management, System backups, Patch management

5
New cards

Which of the following examples do NOT fall into the category of physical security controls?

Data backups, Firewalls, Asset management

6
New cards

What are the examples of preventive security controls? (not technical)

Encryption, Firewalls, AV software (not technical)

7
New cards

AV Software

Anti-virus software

8
New cards

IDS

Intrusion Detection System

9
New cards

Which refer to detective security control?

Log monitoring, Security audits, CCTV, IDS, Vulnerability scanning

10
New cards

Which refers to corrective security control?

Recovering data from backup copies, applying software updates and patches to fix vulnerabilities, developing and implementing IRPs to respond to and recover from security incidents, activating and executing DRPs to restore operations after a major incident

11
New cards

Which are compensating security controls?

Backup power systems, MFA, Application sandboxing, Network segmentation

12
New cards

IRP

Incident Response Plan

13
New cards

AUP

Acceptable Use Policy

14
New cards

What does non-repudiation prove?

proves who did something and what was done. does NOT hide contents

15
New cards

TACACS+

Terminal Access Controller Access Control System Plus - Cisco protocol that fully supports AAA. Separates each function for granular control.

16
New cards

RADIUS

Remote Authentication Dial-In User Service. Open standard protocol. Supports AAA but combines authentication and authorization.

17
New cards

CHAP

Challenge-Handshake Authentication Protocol. Only provides authentication. Doesn’t support AAA.

18
New cards

PAP

Password Authentication Protocol. Basic, insecure authentication only. Doesn’t support AAA.

19
New cards

MS-CHAP

Microsoft’s version of CHAP. Adds encryption but still only handles authentication. Doesn’t support AAA.

20
New cards

Which refer to common methods of device authentication used within the AAA framework?

Digital certificates, IP addresses, MAC addresses

21
New cards