Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
17 Cards in this Set
- Front
- Back
|
One of the main vulnerability scanners used across multiple platforms including Windows, Linux, Smartphones. Determines Hosts Operating System & Service Packs Assists with Patch Management. |
GFI LANguard |
|
|
Vulnerability Scanner that provides patch, configuration, auditing, malware, botnet discovery, easily deployed in Amazon Web Services AWS Cloud. Uses Client Server Architecture |
Nessus |
|
|
Vulnerability Scanner available as a stand alone application or enterprise suite of services. Used to locate and report system vulnerabilities and has feature reduced free version. |
Retina |
|
|
Network Security Vulnerability Scanning tool |
IBM ISS Internet Scanner |
|
|
Vulnerability Scanner for MAC System |
X-Scan |
|
|
3rd Generation Resource Analysis Tool that has been available for over 10 years - Integrates with National Vulnerability Database |
Security Auditors Research Assistant (SARA) |
|
|
Find and track vulnerabilities in perimeter devices - can predict impact of zero day attacks |
QualysGuard |
|
|
Can detect and fix vulnerabilities before they can be attacked by intruders. Can perform configuration audits defined by FDCC and DISA |
SAINT |
|
|
Microsoft Security Analyzer. Used to Scan Products to determine compliance with Microsoft Security Guidelines. |
Microsoft Baseline Security Analyzer (MBSA) |
|
|
Type of Vulnerability Assessment that does not directly attack a system but looks for configuration settings and patch |
Passive Vulnerability Assessment |
|
|
Type of Vulnerability Assessment that directly communicates with the network infrastructure and can trigger alerts in the system |
Active Vulnerability Assessment |
|
|
Exploitation tool - most comprehensive commercial penetration testing product available - end user security training |
CORE |
|
|
Comprehensive framework for security testers worldwide. |
CANVAS |
|
|
Open Source Vulnerability Scanner |
Metasploit |
|
|
Designed to lure, not trap, malicious users away from production environnment. Can simulate servers and users. Can be placed inside firewall, DMZ. |
Honeypot |
|
|
Entire network designed to attract attackers away from production environments. Networks made up of Firewalls, FTP Servers, Mission Critical Applications. |
Honeynet |
|
|
Three types of System Events |
Information Warning Error |
