Quiz: Integrated threat management
1. In 2005, malware attacks increased by:
a. 32 percent
b. 48 percent
c. 75 percent
d. Trick question -- malware attacks actually decreased in 2005
Answer (in bulleted list)
2. A threat management policy might limit installation of greynet applications. Which of the following is a greynet application:
a.an instant messaging program
b. a peer-to-peer collaboration program
c. an RSS reader
d. a streaming media player
e. all of the above
Answer
3. Along with a virus/worm combo, an attacker might distribute this type of code that installs on the recipient's computer to be triggered by some future event. What is it?
Answer
4. In an integrated approach, security software is distributed to end-user devices but centrally managed. This approach is known as:
a. application security
b. physical security
c. endpoint security
Answer
5. A comprehensive approach to network security probably includes the capture, recording, and analysis of network events in order to discover the source of security attacks or other problem incidents. The term we use for these processes comes from criminology and the legal profession. What is it?
Answer
6. Someone who breaks into a computer system or network is often referred to, inappropriately, as a "hacker." What term is used more accurately?
Answer
7. One reason to deploy integrated threat management is the increased incidence of this "mixed cocktail" of malware. What is it?
Answer
8. In addition to protecting the end-user, integrated threat management emphasizes securing the _________, which is a network point that serves as an entrance to another network.
a. gateway
b. node
c. host
Answer
9. One benefit of integrated threat management is the simplification of acquiring, testing, and installing multiple code changes to administered computer systems. This area of system management is known as ___________.
Answer
10. This is like intrusion detection -- only more proactive. What is it?
Answer