EVALUATION EXAM ALL QUESTIONS AND
ANSWERS SURE A+
✔✔__________ are a component of the "security triple."
a. Threats
b. Assets
c. Vulnerabilities
d. All of the above - ✔✔d
✔✔A(n) __________ item is a hardware or software item that is to be modified and
revised throughout its life cycle.
a. revision b. update
c. change d. configuration - ✔✔d
✔✔A __________ is the recorded condition of a particular revision of a software or
hardware configuration item.
a. state
b. version
c. configuration
d. baseline - ✔✔b
,✔✔To maintain optimal performance, one typical recommendation suggests that when
the memory usage associated with a particular CPU-based system averages
__________% or more over prolonged periods, you should consider adding more
memory.
a. 40 b. 60
c. 10 d. 100 - ✔✔b
✔✔To evaluate the performance of a security system, administrators must establish
system performance __________.
a. baselines
b. profiles
c. maxima
d. means - ✔✔a
✔✔Control __________ baselines are established for network traffic and for firewall
performance and IDPS performance.
a. system
b. application
c. performance
d. environment - ✔✔c
✔✔A primary mailing list for new vulnerabilities, called simply __________, provides
time-sensitive coverage of emerging vulnerabilities, documenting how they are exploited
and reporting on how to remediate them. Individuals can register for the flagship mailing
list or any one of the entire family of its mailing lists.
a. Bugs b. Bugfix
c. Buglist d. Bugtraq - ✔✔d
✔✔The __________ is a center of Internet security expertise and is located at the
Software Engineering Institute, a federally funded research and development center
operated by Carnegie Mellon University.
a. US-CERT b. Bugtraq
c. CM-CERT d. CERT/CC - ✔✔d
✔✔The __________ Web site is home to the leading free network exploration tool,
Nmap.
a. insecure.org
b. Packet Storm
c. Security Focus
d. Snort-sigs - ✔✔a
✔✔The __________ commercial site focuses on current security tool resources.
a. Nmap-hackerz
b. Packet Storm
, c. Security Laser
d. Snort-SIGs - ✔✔b
✔✔The __________ mailing list includes announcements and discussion of a leading
open-source IDPS.
a. Nmap-hackers b. Packet Storm
c. Security Focus d. Snort - ✔✔d
✔✔The optimum approach for escalation is based on a thorough integration of the
monitoring process into the __________.
a. IDE b. CERT
c. ERP d. IRP - ✔✔d
✔✔Detailed __________ on the highest risk warnings can include identifying which
vendor updates apply to which vulnerabilities as well as which types of defenses have
been found to work against the specific vulnerabilities reported.
a. escalation b. intelligence
c. monitoring d. elimination - ✔✔b
✔✔A process called __________ examines the traffic that flows through a system and
its associated devices to identify the most frequently used devices.
a. difference analysis b. traffic analysis
c. schema analysis d. data flow assessment - ✔✔b
✔✔One approach that can improve the situational awareness of the information security
function is to use a process known as __________ to quickly identify changes to the
internal environment.
a. baselining b. difference analysis
c. differentials d. revision - ✔✔b
✔✔__________ is used to respond to network change requests and network
architectural design proposals.
a. Network connectivity RA
b. Dialed modem RA
c. Application RA
d. Vulnerability RA - ✔✔a
✔✔The __________ is a statement of the boundaries of the RA.
a. scope b. disclaimer
c. footer d. head - ✔✔a
✔✔The __________ process is designed to find and document vulnerabilities that may
be present because there are misconfigured systems in use within the organization.
a. ASP b. ISP