Network+ Ch 12 – Flashcards
Unlock all answers in this set
Unlock answersquestion
A __________ is an enclosure made of a conductive material that is designed to block electromagnetic signals, including Wi-Fi
answer
Faraday Cage
question
___________ is a process of investigating deeper data on a computer and will essentially autopsy the computer to discover hidden data, such deleted files and file fragments, and who has accessed that data and when.
answer
Computer Forensics
question
The goal of a disaster recovery plan is to ensure _______________.
answer
Business Continuity
question
A _____________ is a small network that is segmented from the rest of the network, and contains computers, called test beds.
answer
Testing Lab
question
Microsoft sometimes releases a major group of patches to Windows or a Microsoft application, which it calls a _____________.
answer
Service Patch
question
A supervisory computer or server in an ICS or SCADA system that controls the physical system.
answer
Master Terminal Unit (MTU)
question
A magnetic hard drive eraser.
answer
Degausser
question
An enclosure made of conductive material that is designed to block electromagnetic signals, including Wi-Fi.
answer
Faraday Cadge
question
A method of authentication in which a device scans an individual's unique physical characteristics.
answer
Biorecognition access
question
An ICS server that collects and stores raw data.
answer
Acquisitions Server
question
A smart card that does not require contact with a proximity reader in order to be detected and receives the raw data and passes that information on to other servers in the SCADA system.
answer
Prox Card
question
An electronic access badge.
answer
Smart Card
question
A term that sometimes refers to wired communication, but generally refers to wireless communication that transmits data regarding specific measurements and conditions.
answer
Telementry
question
A document that details the work that must be completed for a particular project.
answer
Statement of Work (SOW)
question
A computer, including hardware and software that technicians use to monitor and manage physical systems in an industrial system.
answer
Human-Machine Interfaces (HMI)
question
What is a Historian?
answer
A server that collects and stores raw data.
question
What type of software is a correction, improvement, or enhancement to a piece of software?
answer
Patch
question
Which team role is the person on call who first notices or is alerted to a problem?
answer
Dispatcher
question
Upon receipt of what type of notification is a company required to activate a defensible policy for the preservation of relevant data?
answer
Legal Hold
question
What team member role, if necessary, learns about the situation and the response and then acts as official spokesperson for the organization to the public or other interested parties?
answer
Public Relations Specialist
question
Which type of recovery site is a place where computers, devices, and connectivity necessary to rebuild a network exist, with some pieces appropriately configured, updated, or connected?
answer
Warm Site
question
What type of device can be used to erase contents of a hard drive using a magnetic field?
answer
Degausser
question
Which type of recovery site is a place where computers, devices, and connectivity necessary to rebuild a network exist, but they are not appropriately configured, updated, or connected?
answer
Cold Site
question
If a destructive program is running that might be destroying evidence, what should be done?
answer
Pull the power cable
question
What type of physical security solution involves a device that scans an individual's unique physical characteristics.
answer
Biorecognition access
question
In order to provide access to a historian by personnel working on the corporate network that are not authorized to work on the ICS network, where should the historian be placed?
answer
DMZ
question
When performing inventory on software packages, which of the following is not something that should be inventoried?
answer
Proprietary Source Code
question
What team member role coordinates the resources necessary to solve a problem.
answer
Manager
question
At what type of recovery site would computers, devices, and connectivity necessary to rebuilt a network exist, and all are appropriately configured, updated, and connected to match your network's current state?
answer
Hot Site
question
In computer forensics, hidden data such as deleted files and file fragments are know as what term?
answer
Ambient Data
question
What should be the first step of a response policy?
answer
Determine if Escalation is Necessary
question
Which of the following is NOT a step that should be taken as part of a response policy?
answer
Attempt to access files to determine if they are compromised.
question
The time period in which a change can be implemented is know as what potion below?
answer
Maintenance Window
question
What team member role focuses on only one thing: solving the problem as quickly as possible?
answer
Technical Support Specialist
question
An active card, which contains an internal battery, can provide a usable range of up to what distance?
answer
150m
question
What two terms describe the process that can reveal a great deal of information, called ESI (Electronically stored information)
answer
eDiscovery, Electronic Discovery
question
What two methods might be used by an ICS to control a physical system?
answer
Closed loop, Open loop System
question
A rollback is also known by what two terms below?
answer
Backleveling, Downgrading
question
eDiscovery and computer forensics reveal what two different types of data?
answer
Active data, Ambient data
question
A server that collects and stores raw data, and connects to field devices from which it receives raw data and passes data on to other SCADA systems, is known as what two terms below?
answer
Acquisitions server, I/O server
question
Any device in an ICS that is motorized and can control the physical system is called a fieldbus.
answer
False
question
Every security policy should include a response policy, which specifically defines the characteristics of an event that qualifies as a formal incident and the steps that should be followed as a result.
answer
True
question
The first step of a response policy should be to secure the area.
answer
False
question
Cipher locks are not designed for physical systems, such as on an outside door.
answer
True
question
The first step in asset management is to inventory all the components on the network.
answer
True