30 Cards in this Set


Regarding auditing (NIST standards), what is the process of exercising one or more assessment objects under specified conditions to compare actual and expected behaviors?


Regarding auditing (NIST standards), what is the process of checking, inspecting, reviewing, observing, studying or analyzing one or more assessment objects to facilitate understanding, achieve clarification, or obtain evidence?


Regarding auditing (NIST standards), what is the process of conducting discussions with individuals or groups within an organization to facilitate understanding, achieve clarification, or identify the location of evidence?


What is the difference between a vulnerability assessment and penetration testing?

VA - Done by admins

PT - Done by hired hackers

For Penetration testing, what are white, grey, and black box?

White: have full knowledge of network

Grey: limited knowledge (costs less than black box)

Black: no knowledge (hacker approach)

What are the 3 types of pentesting?

1. Physical Security
2. Operational Security
3. Electronic Security

What does NIST's 800-137 cover?

CM - Continuous Monitoring

System Reboot

Emergency Reboot

Cold Start

System Reboot: System shuts itself down safely and restarts.
Emergency Reboot: System can't recover and basically restarts in "special or safe mode"
Cold Start: User intervention (manual reboot)

What is superzapping?

A utility to bypass access controls of an operating system. Administrators can use these for quick changes. Nothing is logged, so attackers can use them for malicious purposes.

What is it called when a packet is modified to have the same destination and origin address?

Denial Of Service

What is another name for a Browsing Attack?

Shoulder surfing

Juggernaut and Hunt are tools used for what kind of attack?

Session Hijacking

What is Kerckhoff's principle and why is it relevant?

The only secret portion to a cryptosystem should be the key so that the algorithms can be stronger

What is required for a secure Vernam cipher?

The pad must be used just one time

What are the RMF Steps?

Cat Sat On it's Assets All Morning...


How are Type 1 and Type 2 Hypervisors different? What is the industry standard?

Type 1: standard, installed from scratch

Type 2: installed over Windows

Vulnerability Assessment

A prioritized list of vulnerabilities, generally for clients who already understand they are not where they want to be in terms of security. The customer already knows they have issues and simply needs help identifying and prioritizing them.

Interface Testing

Check and verify that interaction errors are handled properly and that a user can interrupt any transaction.

Misuse Case Testing

A use case written from the point of view of an actor hostile to the system under design.

Penetration Tests

Designed to achieve a specific, attacker-simulated goal and should be requested by customers who are already at their desired security posture. A typical goal could be to access the contents of the prized customer database on the internal network, or to modify a record in an HR system.

Real User Monitoring (RUM) /

End user experience monitoring (EUM)

Web monitoring that aims to capture and analyze every transaction.

Passive monitoring, relying on web monitoring services that continuously observe the system in action, tracking availability, functionality and responsiveness.

Synthetic performance monitoring

Scripts of user actions to track performance.

Run from outside the system, so better suited to assessing site availability and network problems.

Security Metrics

Data collected from one or more security controls, such as:

- the number and severity of vulnerabilities revealed

- number of unauthorized access attempts

- configuration baseline information

- contingency plan testing dates and results

- number of employees who are current on awareness training requirements

- risk tolerance thresholds

- associated risk score

Various types of test

Checklist Test

- Copies of BCP are distributed to the different departments and functional areas for review

Structured walk through test

- representatives from each department or functional area come together and go over the plan

Parallel test

- perform the test at an alternate offsite facility

Full interruption test

- original site is shut down, and processing takes place at alternate site

Zero Knowledge test

The team does not have any knowledge of the target and must start from ground zero.

Partial knowledge

Some information about the target

Full knowledge

intimate knowledge of the target

Blind test

Assessors only have publicly available data to work with.

Double blind test / Stealth assessment

Security staff are not notified.

Targeted Test

An external consultant and internal staff carry out a focused test on a specific area of interest.