The metrics of the upper and lower bounds of specific indicators of normal network activity
What are Key Risk Indicators?
Securing endpoint computers primarily involves three major tasks
What are confirming, protecting, and hardening?
Protection on computer endpoints can be accomplished through software installed on the endpoint, such as
What is Antivirus software, antimalware, web browser protections, and monitoring and response systems?
Hardening endpoints involves what two things
What is patch management and OS protections?
This is a software development technique in which two or more functionally identical variants of a program are developed from the same specification but by different programmers or programming teams
What is software diversity?
What is an indicator of compromise?
Ensuring secure startup involves the
What is UEFI?
Software that can examine a computer for file-based virus infections and monitor computer activity
What is antivirus?
The two types of patch management tools to administer patches
What is patch management and patch reception?
Developing an application requires completing the following stages
What is
•Development
•Testing
•Staging
•Production
The two categories of threat intelligence sources
What are open and closed sources?
Early booting processes used firmware called the
What is BIOS?
A suite of software intended to provide protections against multiple types of malware
What is Antimalware?
A typical OS security configuration should include the following
•Disabling unnecessary ports and services
•Disabling default accounts/passwords
•Employing least functionality
This takes advantage of a vulnerability in the web application program or the web server software so that a user can move from the root directory to other restricted directories
What is a directory traversal attack?
Two concerns around public information sharing centers
What are privacy and speed?
Boot security involves _____ that each element used in each step of the boot process has not been modified
What is validating?
This prevents an unauthorized person from intercepting a cookie that is being transmitted between the browser and the web server
What is HTTPS?
The three tools used to confine and restrict malware
whitelisting/blacklisting, sandbox, quarantine
The process of integrating secure development best practices and methodologies into application software development and deployment processes using the agile model
What is SECDEVOPS?
The four useful sources of threat intelligence
What are vulnerability database, threat maps, file and code repositories, and the dark web?
When each element relies on the confirmation of the previous element to know that the entire process is secure
What is chain of command?
Monitor endpoint activity to immediately block a malicious attack by following specific rules
A “container” in which an application can be run so that it does not impact the underlying OS
What is a sandbox?
Security testing performed after the source code is compiled
What is dynamic code analysis?