Active reconnaissance is a type of computer attack in which an intruder engages with the targeted system to gather information about vulnerabilities. This may be through automated scanning or manual testing using various tools like ping, traceroute, netcat, etc.
Which tool can capture packets transmitted between systems over a network?
tcpdump. A well-known packet capture tool that can be used to monitor network traffic.
What ISO security standard can help guide the creation of an organization's security policy?
Part of the ISO 27000 series of information security standards, ISO 27001 is a framework that helps organisations “establish, implement, operate, monitor, review, maintain and continually improve an ISMS”.
Which type of malware is an executable program that attaches to or infects other executable programs?
A computer virus is an executable program that attaches to, or infects, other executable programs. Trojans are self-contained programs designed to propagate from one host machine to another using the host’s own network communications protocols.
What type of network device normally connects directly to endpoints?
The term “router” describes a device that connects two or more networks and selectively interchanges packets of data between them. The Data Link Layer of the OSI Reference Model is responsible for transmitting information on computers connected to the same local area network (LAN).
Which term is another name for a switching loop?
A switching loop or bridge loop occurs in computer networks when there is more than one layer 2 path between two endpoints (e.g. multiple connections between two network switches or two ports on the same switch connected to each other).
Is packet sniffing active or passive?
Packet Sniffers are a type of Passive Service. Rather than opening up a TCP port and actively listening for requests, the Packet Sniffer passively reads raw data packets off the network interface. The Sniffer assembles these packets into complete messages that can then be passed into an associated policy.
What are the 14 domains of ISO 27001?
- 5 – Information security policies (2 controls) …
- 6 – Organisation of information security (7 controls) …
- 7 – Human resource security (6 controls) …
- 8 – Asset management (10 controls) …
- 9 – Access control (14 controls) …
- 10 – Cryptography (2 controls)
Is ISO 27001 mandatory?
In most countries, implementation of ISO 27001 is not mandatory. However, some countries have published regulations that require certain industries to implement ISO 27001.
What is the difference between ISO 27001 and 27002?
Basically, ISO 27001 sets forth the compliance requirements needed to become certified. In contrast, ISO 27002 is a set of guidelines that are designed to help you introduce and implement ISMS best practices. Here’s a simpler analogy: ISO 27002 is like a guidebook or a practice test.
What are the 3 types of viruses?
- Macro viruses – These are the largest of the three virus types. …
- Boot record infectors – These viruses are known also as boot viruses or system viruses. …
- File infectors – These viruses target .
What malware term best describes when a hacker takes over your computer to make it do things for the hacker without your knowledge?
Spyware. A type of malware that functions by spying on user activity without their knowledge. The capabilities include activity monitoring, collecting keystrokes, data harvesting (account information, logins, financial data), and more.
Can malware be downloaded if you open an attachment?
Most viruses, Trojan horses, and worms are activated when you open an attachment or click a link contained in an email message. If your email client allows scripting, then it is possible to get a virus by simply opening a message.
What is the most common technique for protecting a network?
- Access control. …
- Anti-malware software. …
- Anomaly detection. …
- Application security. …
- Data loss prevention (DLP) …
- Email security. …
- Endpoint security. …
- Firewalls.
What are the best practices in creating your home network?
- Migrate to a Modern Operating System. …
- Install a Security Suite. …
- Protect Passwords. …
- Limit Use of the Administrator Account. …
- Update Software from Trusted Sources. …
- Improve Administrator Control. …
- Employ Firewall Capabilities. …
- Implement WPA2 on the Wireless Network.
What are network best practices?
- Understand the OSI Model. …
- Understand Types of Network Devices. …
- Know Network Defenses. …
- Segregate Your Network. …
- Place Your Security Devices Correctly. …
- Use Network Address Translation. …
- Don’t Disable Personal Firewalls. …
- Use Centralized Logging and Immediate Log Analysis.