Name three types of devices that should be hardened for security.

Mobile devices, Workstations, Routers

What are three wireless security settings?

WPA3, RADIUS, Cryptographic protocols

What are two methods of input validation for application security?

Static code analysis, Secure cookies

What is sandboxing used for?

Isolating applications to prevent security breaches

What are the three phases of asset management?

Acquisition, Assignment, Disposal

What are three vulnerability identification methods?

Vulnerability scan, Penetration testing, Threat feed

What are the two key factors in vulnerability analysis confirmation?

False positives, False negatives

Name three vulnerability response techniques.

Patching, Segmentation, Insurance

What does SIEM stand for?

Security Information and Event Management

Name two security monitoring tools.

NetFlow, Vulnerability scanners

What are three types of firewall configurations?

Rules, Access lists, Ports/protocols

What are two examples of web filtering techniques?

URL scanning, Content categorization

What is the purpose of file integrity monitoring?

Detect unauthorized changes to files

What are three types of access control models?

Mandatory, Discretionary, Role-based

Name three factors of multifactor authentication.

Something you know, Something you have, Something you are

What is privileged access management used for?

Controlling and monitoring high-level access

Name two use cases of automation in security operations.

User provisioning, Ticket creation

What is a single point of failure in automation?

A system component that, if it fails, causes the entire system to fail

What are three steps in the incident response process?

Detection, Containment, Eradication

What are three aspects of digital forensics?

Legal hold, Chain of custody, Preservation

Name two types of log data useful in security investigations.

Firewall logs, Application logs

What are two common data sources in security investigations?

Vulnerability scans, Packet captures

Help

Options

focusNode

Didn't know it?
click below

Knew it?
click below

Don't Know

Remaining cards (0)

Know

retry

shuffle

restart

0:00

Embed Code - If you would like this activity on your web page, copy the script below and paste it into your web page.

Normal Size Small Size show me how

Sec+ Domain 4

Questions and Answers from the Security+ Exam's Security Operations section

Question	Answer
What are the three steps of establishing secure baselines?	Establish, Deploy, Maintain
Name three types of devices that should be hardened for security.	Mobile devices, Workstations, Routers
What are two considerations when installing wireless devices?	Site surveys, Heat maps
What is MDM in mobile security?	Mobile Device Management
Name three mobile deployment models.	BYOD, COPE, CYOD
List three common wireless connection methods.	Cellular, Wi-Fi, Bluetooth
What are three wireless security settings?	WPA3, RADIUS, Cryptographic protocols
What are two methods of input validation for application security?	Static code analysis, Secure cookies
What is sandboxing used for?	Isolating applications to prevent security breaches
What are the three phases of asset management?	Acquisition, Assignment, Disposal
Name two methods of data sanitization.	Destruction, Certification
What is CVSS used for?	Scoring vulnerabilities
What are three vulnerability identification methods?	Vulnerability scan, Penetration testing, Threat feed
What are the two key factors in vulnerability analysis confirmation?	False positives, False negatives
Name three vulnerability response techniques.	Patching, Segmentation, Insurance
What are two key components of security alerting and monitoring?	Log aggregation, Alerting
What does SIEM stand for?	Security Information and Event Management
Name two security monitoring tools.	NetFlow, Vulnerability scanners
What are three types of firewall configurations?	Rules, Access lists, Ports/protocols
What are two components of IDS/IPS?	Trends, Signatures
What are two examples of web filtering techniques?	URL scanning, Content categorization
What is SELinux used for?	Operating system security
Name two secure email authentication methods.	DKIM, SPF
What is the purpose of file integrity monitoring?	Detect unauthorized changes to files
What are three types of access control models?	Mandatory, Discretionary, Role-based
Name three factors of multifactor authentication.	Something you know, Something you have, Something you are
What are three password best practices?	Length, Complexity, Expiration
What is privileged access management used for?	Controlling and monitoring high-level access
Name two use cases of automation in security operations.	User provisioning, Ticket creation
What is an advantage of security automation?	Efficiency/time-saving
What is a single point of failure in automation?	A system component that, if it fails, causes the entire system to fail
What are three steps in the incident response process?	Detection, Containment, Eradication
Name two types of security testing exercises.	Tabletop exercise, Simulation
What are three aspects of digital forensics?	Legal hold, Chain of custody, Preservation
Name two types of log data useful in security investigations.	Firewall logs, Application logs
What are two common data sources in security investigations?	Vulnerability scans, Packet captures

Created by: anapaulaseidel

Popular Computers sets

Definitions for Word Processing and the main parts of the MS Word 2010 window

WP Page Formatting

WP Paragraph Formatting terms

Review business letter parts

Review the three paragraph formats (block, indented, hanging indent)

WP font formatting features in Word 2010

Arkansas CBA unit 1 Hardware

"Know" box contains:
Time elapsed:
Retries: