Malware - correct answer type of software designed specifically to attack a system
can be used to damage system files, provide access to systems,
... [Show More] disable, or take control of computers
Spyware - correct answer software that keeps track of a user's activity on a computer
Adware - correct answer software that presents unwanted material based on the user's activity
Virus - correct answer most common type of Malware
modifies another computer program and inserts its own code
Worms - correct answer similar to a virus in that it modifies another computer program, injecting its own code
will self-replicate without the user's knowledge
Trojans - correct answer type of malicious software that disguises itself as a regular piece of software
Social Engineers - correct answer when a person pretends to be someone else in order to get information about a netwwork or system
Security Technical Information Guide (STIG) - correct answer carefully crafted document that includes not only DoD policies and security regulations, but also up-to-date best practices and configuration guidelines
DISA - correct answer Defense Information Systems Agency
STIG community - correct answer Anyone who uses a STIG
Host-Based Security Systems (HBSS) - correct answer located on the individual workstation or the host
Commercial Off-the-Shelf product
Assured Compliance Assessment Solution (ACAS) - correct answer suite of products to include Red Hat Enterprise Linux, Security Center, Nessus Scanner, and Nessus Network Monitor (NNM)
Security Center - correct answer Central console for ACAS
offers ability to automate and quickly scale an organization's vulnerability and compliance scanning infastructure
provides capabilities to allow for management, alerting, and reporting against vulnerability and compliance requirements
Nessus Scanner - correct answer covers a breadth of checks, including unique Common Vulnerabilities and Exposures (CVEs)
Nessus Network Monitor (NNM) - correct answer monitors network traffic in real-time
determines server and client side vulnerabilities and sends these to Security Center in real-time
Continuously looks for new hosts, new applications, and new vulnerabilities without requiring the need for active scanning
Public Key Infastructure (PKI) - correct answer framework that consists of hardware, software, people, processes, and policies
establishes safe and reliable environment for electronic transactions on the internet
protects the confidentiality, integrity, authenticity, and non-repudiation of data
Authenticity - correct answer you know with whom you are communicating
Confidentiality - correct answer keeping secrets secret
Integrity - correct answer nothing is modified behind your back [Show Less]