Risk Management and Incident Response Processes

Questions and Answers

What is the purpose of a honeypot in network security?

• To host public facing services such as websites
• To intercept and read network traffic
• To provide a layer of security serving as a choke point
• To detect, monitor, and sometimes tamper with the activities and vulnerabilities of an attacker (correct)

Which network security tool is designed to search a network host for open ports on a TCP/IP-based network?

• Wireshark
• Proxy server
• Nessus
• Nmap (correct)

Which tool provides a graphical interface for capturing and analyzing network traffic?

• Nmap
• Tcpdump
• Wireshark (correct)
• Port Scanner

What is the primary function of Nessus in the context of network security?

Vulnerability assessment (B)

Which activity is part of the incident response process?

Eradication (B)

What is the first step in the risk management process?

Identify Asset (C)

What is the purpose of the 'Containment' step in the incident response process?

Preventing ongoing harm or damage (A)

Why is it important for both the PC and server to authenticate each other before data transmission?

To ensure secure and trustworthy communication (A)

What is the primary goal of the Health Insurance Rights and Privacy Act (HIPAA)?

To protect the confidentiality and integrity of personal health information (A)

Which act is specifically designed to protect the privacy of customers' non-public personal information?

Gramm-Leach-Bliley Act (GLBA) (D)

What is the main objective of the Children's Online Privacy Protection Act (COPPA)?

To set rules on data collection for children under 13 to protect their online privacy (B)

What is the focus of the Payment Card Industry Data Security Standard (PCI DSS)?

Companies that process credit card payments must protect its information (D)

Flashcards are hidden until you start studying