Suggested answers to discussion questions


Download 0.51 Mb.
Size0.51 Mb.
1   2   3   4   5   6   7   8   9   ...   19

8.1 Match the following terms with their definitions:



__d__ 1. Vulnerability

  1. Code that corrects a flaw in a program.

__s__ 2. Exploit

  1. Verification of claimed identity.

__b__ 3. Authentication

  1. The firewall technique that filters traffic by comparing the information in packet headers to a table of established connections.

__m__ 4. Authorization

  1. A flaw or weakness in a program.

__f__ 5. Demilitarized zone (DMZ)

  1. A test to determine the time it takes to compromise a system.

__t__ 6. Deep packet inspection

  1. A subnetwork that is accessible from the Internet but separate from the organization’s internal network.

__o__ 7. router

  1. The device that connects the organization to the Internet.

__j__ 8. social engineering

  1. The rules (protocol) that govern routing of packets across networks.

__k__ 9. firewall

  1. The rules (protocol) that govern the division of a large file into packets and subsequent reassembly of the file from those packets.

__n__ 10. hardening

  1. An attack that involves deception to obtain access.

__l__ 11. CIRT

  1. A device that provides perimeter security by filtering packets.

__a__ 12. patch

  1. The set of employees assigned responsibility for resolving problems and incidents.

___u_ 13. virtualization

  1. Restricting the actions that a user is permitted to perform.

__i__ 14. Transmission Control Protocol (TCP)

  1. Improving security by removal or disabling of unnecessary programs and features.

_q___ 15. static packet filtering

  1. A device that uses the Internet Protocol (IP) to send packets across networks.

__g__ 16. border router

  1. A detective control that identifies weaknesses in devices or software.

__p__ 17. vulnerability scan

  1. A firewall technique that filters traffic by examining the packet header of a single packet in isolation.

__e__ 18. penetration test

  1. The process of applying code supplied by a vendor to fix a problem in that vendor’s software.

_r___ s. patch management

  1. Software code that can be used to take advantage of a flaw and compromise a system.

_v___ t. cloud computing

  1. A firewall technique that filters traffic by examining not just packet header information but also the contents of a packet.

  1. The process of running multiple machines on one physical server.

  1. An arrangement whereby a user remotely accesses software, hardware, or other resources via a browser.

8.2 Install and run the latest version of the Microsoft Baseline Security Analyzer on your home computer or laptop. Write a report explaining the weaknesses identified by the tool and how to best correct them. Attach a copy of the MBSA output to your report.

Download 0.51 Mb.

Share with your friends:
1   2   3   4   5   6   7   8   9   ...   19

The database is protected by copyright © 2020
send message

    Main page