The STIG configuration settings are converted to _____, imported into ____ , and used by ____________ to audit asset configurations for ____ - correct
... [Show More] answer SCRAP content
Security Center
Nessus Scanners
Compliance
malware - correct answer type of sofewware that is designed to attack a system
used to damage system files, provide access to systems, disable or even take control of computers
spyware - correct answer software that keeps track of a users activity on a computer.
then it sends the info to another entity without th user's consent
virus - correct answer most common type of malware. it modifies another computer program and inserts its own code. The affected area are then considered "infected"
worms - correct answer similar to virus; it modifies another computer program, injecting its own code.
social engineering - correct answer when a person pretends to be someone else in order to get info about a network or system.
info is then used t attack the system to steal data
STIG - correct answer Security Technical Information Guide
STIG - correct answer document that includes DOD policies and security regulations, best practices and config guidelines.
used for securing a specific system or application in accordance with DoD requirements.
help you configure your systems for security and compliance with government Information Assurance (IA) requirements.
- how the government expects you to operate
worm and virus diff - correct answer The main difference is that a worm will self-replicate without the users knowledge.
trojan - correct answer type of malicious software that disguises itself as a regular piece of software. works as intended program would normally. begins to cause problems such as killing background processes or deleting data.
what does stig help avoid? - correct answer help avoid and detect intrusion, respond to and recover from security breaches if they occur, and implement security policies. provide guidance to ensure that your applications will be in compliance with DoD requirements. You can save significant time and money
DISA - correct answer Defense Information Systems Agency,
PKI - correct answer a public key infractructure, a framework that consists of hardware software, software, people, processes, and policies, that together helps identify and solve information security problems for you by establishing safe and reliable environment for electronic transactions. It uses PUBLIC KEY ENCRYPTION techniques to protect the confidentiality, integrity, authenticity and non-repudiation of data. PKI is a uniform way for different organizations to identify people through their digital certificates containing public keys. [Show Less]