Exam (elaborations)
Sys Ops Module 5 Terms (1)
Sys Ops Module 5 Terms (1)
[Show more]
Seller
Follow
Content preview
Sys Ops Module 5 TermsAsset Configuration Control Module (ACCM) - ANS-A piece of software within ESS that can be
utilized for scanning clients and returning information from their current state of Windows.
Zeek - ANS-A free NIDS, can do more than just detect intrusions. It can also perform a
signature analysis. Additionally, this IDS software uses two elements to work, Event engine and
Policy scripts.
Snort - ANS-An open-source, multi-platform, and lightweight IDS. Designed to be
comprehensive and accurate in successfully logging malicious network activity and notifying
administrators when potential breaches occur.
Proxy - ANS-A network device or software acting on behalf of clients to retrieve requested
content from the internet.
Vulnerability Assessment Tools (VATs) - ANS-Used on information systems or networks looking
for weaknesses. Uses passive vulnerability scans. Does not attempt to exploit or mitigate
vulnerabilities to avoid interfering with normal operations
Microsoft Endpoint Configuration Manager (MECM) - ANS-Platform used by the Air Force to
monitor and maintain the thousands of systems across the Air Force Network. Can automate
much of the patch management process.
Software Center - ANS-One-stop location that allows clients to configure settings, schedule
software updates, install third party applications, and deploy operating systems.
Security Center - ANS-Single console access used by ACAS managing Nessus® scans at the
enterprise network level. Provides real-time detection of network anomalies and is scalable.
Authentication - ANS-Ensure that a user is who they say they are.
Authorization - ANS-Validating that a user has permission to access the application by
comparing the user's identity with a list of allowed users.
Accounting - ANS-Reviewing log events to determine who did what, when they did it, and how.
Assured Compliance Assessment Solution (ACAS) - ANS-Automatically identifies configuration
vulnerabilities. Includes a scanning device, report generator, and hierarchical reporting
capability to the Vulnerability Management System (VMS)
, SolarWinds Security Event Manager (SEM) - ANS-Designed to act as a comprehensive STIG
compliance tool that provides security monitoring, DISA STIG-specific audit logs, and real-time
security event monitoring. Both a HIDs and a NIDs, can be used as an analytical utility to
process data collected by Snort.
Transport Layer Security (TLS) - ANS-Primarily used for encrypting the communication between
web applications and servers, such as web browsers loading a website.
Intrusion Detection System (IDS) - ANS-A system that scans, audits, and monitors the security
infrastructure for signs of attacks in progress, uses sensors to do this monitoring.
Intrusion Prevention System (IPS) - ANS-Monitors for suspicious activity, which compares
against a known threat database or a baseline of normal activity and deploys remediation
techniques.
ePolicy Orchestrator (ePO) - ANS-What the operational units use to perform all normal control
and management of the ESS suite.
Nessus - ANS-Comprehensive vulnerability scanner. Performs configuration scans of servers,
network devices and databases to test for specific policy settings. Can perform scans of ports,
firewall configurations, and network devices and provides reports back to the system
administrator
STIGs - ANS-The configuration standards for DOD IA and IA enabled devices/systems.
tcpdump - ANS-CLI tool included in Red Hat Enterprise Linux, can show large amounts of traffic
flowing through a network. Prints all packet information to the screen or a log file.
Passive Vulnerability Scanner (PVS) - ANS-Monitors the network in real-time, looking for new
hosts, applications and new vulnerabilities. Sends real-time reports to the Security Center.
Security Content Automation Protocol (SCAP) Compliance Checker - ANS-An automated
compliance scanning tool that leverages the STIGs and OS-specific baselines to analyze and
report on the security configuration of an information system. Can also be used to to conduct a
manual audit of information system security controls.
Security Requirements Guides (SRG) - ANS-Provide more generalized information about a
system's security requirements.
McAfee Agent (MA) - ANS-The backbone of the ESS suite for the client. Utilized in subsequent
endpoint product installation. Used for communication to the ePO server.
Agent to Server Communication Interval (ASCI) - - ANS-Mandates how often the McAfee Agent
"check-ins" with the ePO.
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller modockochieng06. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for CA$11.50. You're not tied to anything after your purchase.
Can Stuvia be trusted?
4.6 stars on Google & Trustpilot (+1000 reviews)
75759 documents were sold in the last 30 days
Founded in 2010, the go-to place to buy study notes for 14 years now