Exam 10: Auditing, Monitoring, and Logging


COBIT provides a framework to support information security requirements and assessment needs.

(True/False)
Correct Answer:

True

Match each item with a statement below.
a. Configuration item   b. Version   c. Major release   d. Minor release   e. Build   f. Build list   g. Configuration   h. Revision date   i. Software library
- A list of the versions of components that make up a build.

(Short Answer)
Correct Answer:

F

Describe two places where network connection events may be tracked and explain what events can be tracked.

(Essay)
Correct Answer:

These types of events can be tracked at a system level, but they can also be tracked at the firewalls (or other network egress points) to provide the most visibility on network activity. Administrators can track connections that are allowed and established, connections that are denied and fail, or other network activity that does not fall into the firewall's ruleset.

On most current versions of Microsoft Windows-based systems, logging is managed by the ____, which is accessible from the system control panel.

(Multiple Choice)

The primary purpose of ____ is to enable organizations to obtain certification; thus, it serves more as an assessment tool than an implementation framework.

(Multiple Choice)

Match each item with a statement below.
a. Configuration item   b. Version   c. Major release   d. Minor release   e. Build   f. Build list   g. Configuration   h. Revision date   i. Software library
- A collection of configuration items that is usually controlled and that developers use to construct revisions and to issue new configuration items.

(Short Answer)

Which COBIT domain focuses on the functionality of the system for the end user?

(Multiple Choice)

____ demonstrates that management has identified an acceptable risk level and provided resources to control unacceptable risk levels.

(Multiple Choice)

Tracking events in which group membership has changed or rights have been elevated gives security professionals a warning that ____ is occurring.

(Multiple Choice)

Match each item with a statement below.
a. Configuration item   b. Version   c. Major release   d. Minor release   e. Build   f. Build list   g. Configuration   h. Revision date   i. Software library
- A minor revision of the version from its previous state.

(Short Answer)

To investigate running processes, we would turn to the ____ in Linux.

(Multiple Choice)

____________________ is the period of time that log files or log file data should be maintained.

(Short Answer)

After a change has been reviewed and evaluated, what three actions might be taken?

(Essay)

Match each item with a statement below.
a. Configuration item   b. Version   c. Major release   d. Minor release   e. Build   f. Build list   g. Configuration   h. Revision date   i. Software library
- The recorded state of a particular revision of a software or hardware configuration item.

(Short Answer)

A(n) ____ is a task being performed by a computing system.

(Multiple Choice)

As part of the initiation and planning audit phase, it is customary for a(n) ____ to be developed, which serves as a service agreement between the auditing team and the requesting entity.

(Multiple Choice)

Match each item with a statement below.
a. Configuration item   b. Version   c. Major release   d. Minor release   e. Build   f. Build list   g. Configuration   h. Revision date   i. Software library
- A significant revision of the version from its previous state.

(Short Answer)

A(n) ____________________ is a measurement of activity that represents the normal state or routine condition.

(Short Answer)

What is the purpose of ISO/IEC 27002?

(Essay)

Match each item with a statement below.
a. Configuration item   b. Version   c. Major release   d. Minor release   e. Build   f. Build list   g. Configuration   h. Revision date   i. Software library
- The date associated with a particular version or build.

(Short Answer)