security chapter 15

During a vulnerability assessment, what type of software can be used to search a system for port vulnerabilities?
threat scanner
vulnerability profiler
port scanner
application profiler

port scanner

A port scanner can be used to search a system for port vulnerabilities. The RADMIN port scanner is an example of this type of software.
True
False

True

What is another term used for a security weakness?
threat
vulnerability
risk
opportunity

vulnerability

An administrator running a port scan wants to ensure that no processes are listening on port 23. What state should the port be in?
open port
open address
closed address
closed port

closed port

What is the name for the code that can be executed by unauthorized users within a software product?
vulnerability surface
risk profile
input surface
attack surface

attack surface

What is the term for a network set up with intentional vulnerabilities?
honeynet
honeypot
honeycomb
honey hole

honeynet

The comparison of the present state of a system to its baseline is known as what?
Baseline reporting
Compliance reporting
Baseline assessment
Compliance review

Baseline reporting

The goal of what type of threat evaluation is to better understand who the attackers are, why they attack, and what types of attacks might occur?
threat mitigation
threat profiling
risk modeling
threat modeling

threat modeling

What is the name of the process that takes a snapshot of the current security of an organization?
threat analysis
vulnerability appraisal
risk assessment
threat assessment

vulnerability appraisal

What term below describes a prearranged purchase or sale agreement between a government agency and a business?
Service Level Agreement (SLA)
Memorandum of Understanding (MOU)
Blanket Purchase Agreement (BPA)
Interconnection Security Agreement (ISA)

Blanket Purchase Agreement (BPA)

A service contract between a vendor and a client that specifies what services will be provided, the responsibilities of each party, and any guarantees of service, is known as a:
Blanket Purchase Agreement (BPA)
Service Level Agreement (SLA)
Memorandum of Understanding (MOU)
Interconnection Security Agreement (ISA)

Service Level Agreement (SLA)

What term below describes the start-up relationship between partners?
Off-boarding
Uptaking
On-boarding
Uploading

On-boarding

Which item below is an imaginary line by which an element is measured or compared, and can be seen as the standard?
profile
threat
control
baseline

baseline

Vulnerability scans are usually performed from outside the security perimeter.
True
False

False

What is the end result of a penetration test?
penetration test profile
penetration test report
penetration test system
penetration test view

penetration test report

A healthy security posture results from a sound and workable strategy toward managing risks.
True
False

True

An administrator needs to view packets and decode and analyze their contents. What type of application should the administrator use?
application analyzer
protocol analyzer
threat profiler
system analyzer

protocol analyzer

Which scan examines the current security using a passive method?
application scan
system scan
threat scan
vulnerability scan

vulnerability scan

A port in what state below implies that an application or service assigned to that port is listening for any instructions?
open port
empty port
closed port
interruptible system

open port

If TCP port 20 is open, then an attacker can assume that FTP is being used.
True
False

True

In software development, the process of defining a collection of hardware and software components along with their interfaces in order to create the framework for software development.

Architectural design

The code that can be executed by unauthorized users in a software program.

Attack surface

A comparison of the present state of a system to its baseline

Baseline reporting

An agreement through which parties in a relationship can reach an understanding of their relationships and responsibilities.

interoperability agreement

A penetration test where some limited information has been provided to the tester

Gray box

Disabling unused application/service ports to reduce the number of threat vectors.

Port security

In software development, presenting the code to multiple reviewers in order to reach agreement about its security

Code review

A computer typically located in an area with limited security and loaded with software and data files that appear to be authentic, but are actually imitations of real data files, to trick attackers into revealing their attack techniques.

Honeypot

The start-up relationship agreement between parties

On-boarding business partners

The termination of an agreement between parties.

Off-boarding business partners
