The primary goal of the ____________________ monitoring domain is an informed awareness of the state of all the organization's networks, information systems, and information security defenses.


The primary goal of the external monitoring domain is to maintain an informed awareness of the state of all the organization's networks, information systems, and information security defenses. _________________________

A) True
B) False


The __________ process is designed to find and document vulnerabilities that may be present because there are misconfigured systems in use within the organization.


A) ASP
B) ISP
C) SVP
D) PSV
E) A) and B)
F) All of the above


WLAN stands for "wide local area network." _________________________

A) True
B) False


An effective information security governance program requires no ongoing review once it is well established.

A) True
B) False


Remediation of vulnerabilities can be accomplished by accepting or transferring the risk, removing the threat, or repairing the vulnerability.

A) True
B) False


The optimum approach for escalation is based on a thorough integration of the monitoring process into the __________.


A) IDE
B) CERT
C) ERP
D) IRP
E) All of the above
F) A) and B)


Almost all aspects of a company's environment are ____________________, meaning threats that were originally assessed in the early stages of the project's systems development life cycle have probably changed and new priorities have emerged.


The ____________________ tester's ultimate responsibility is to identify weaknesses in the security of the organization's systems and networks and then present findings to the system owners in a detailed report.


Rehearsals that use plans as realistically as possible are called ____________________ games.


For configuration management (CM) and control, it is important to document the proposed or actual changes in the system security plan. _________________________

A) True
B) False


As the help desk personnel screen problems, they must also track the activities involved in resolving each complaint in a help desk ____________________ system.


A(n) ____________________ analysis is a procedure that compares the current state of a network segment (the systems and services it offers) against a known previous state of that same network segment (the baseline of systems and services).


The basic function of the external monitoring process is to monitor activity, report results, and escalate warnings. _________________________

A) True
B) False


Detailed __________ on the highest risk warnings can include identifying which vendor updates apply to which vulnerabilities as well as which types of defenses have been found to work against the specific vulnerabilities reported.


A) escalation
B) intelligence
C) monitoring
D) elimination
E) B) and C)
F) A) and C)


Major planning components should be reviewed on a periodic basis to ensure that they are current, accurate, and appropriate.

A) True
B) False


Common vulnerability assessment processes include:

A) Internet VA
B) wireless VA
C) intranet VA
D) All of these
E) B) and C)
F) B) and D)


Documenting information system changes and assessing their potential impact on system security is an important and consequential part of digital forensics.

A) True
B) False


Over time, external monitoring processes should capture information about the external environment in a format that can be referenced across the organization as threats emerge and for historical use.

A) True
B) False


Threats cannot be removed without requiring a repair of the vulnerability.

A) True
B) False

