GCC Class 2 Lesson 4 Quiz

  1. You are designing a new Web application service for your company. An initial design review reveals a number of attack surfaces not identified in the initial baseline for the application, including unneeded network services that are enabled. What should you do?

    B. Remove unneeded service from the design
  2. Which of the following is the least intrusive way of checking an environment for know software flaws?

    C. Vulnerability Scanner
  3. After a system risk assessment, the cost to mitigate a risk is higher than the expected loss if the threat materializes. In this situation, which of the following is the better course of action?

    A. Accept the risk
  4. After completing a risk assessment, a security administrator recommends that the network owner take actions to prevent future security incidents. Which of the following describes this type of action?

    B. Risk Mitigation
  5. What is likely your best course of action when a vulnerability is identified on an operating system?

    D. Visit the OS manufacturer's website for information and a patch.
Card Set
GCC Class 2 Lesson 4 Quiz
GCC Class 2 Lesson 4 Quiz