INMT 441 Exam2
Asset Management - answer Defined as the data, personnel, devices, systems, and
facilities that enable the organization to achieve business purposes are identified and
managed consistent with their relative importance to organizational objectives and the
organization's risk strategy
Frequently Overlooked Asset Management – answer o Licensing
o Labeling
o Warranty
o Lifecycle
o Inventory
Common Inventory Fields: Asset ID - answer Uniquely identifies the asset (Does not
have to be a physical asset)
Common Inventory Fields: Make - answer Refers to the manufacturer
Common Inventory Fields: Model - answer Unique number given to each product by
manufacturer
Common Inventory Fields: Serial Number - answer Uniquely identifies a specific item
Common Inventory Fields: Asset Tag - answerA physical label that affixes to the asset
Common Inventory Fields: Operating System - answerThe software that supports a
computers basic functioning
Common Inventory Fields: MAC Address (Media Access Control Address) - answerA
hard-coded address that is assigned to a network interface card on a device.
Common Inventory Fields: IP Address - answerIdentifies the address of a device on the
internet
Common Assets - answerBusiness Services
Hardware
o Servers
o Computers
o Mobile Devices
term-12
Software
,o Operating Systems
o Applications
o Software Licenses
Organizations
o Facilities
o Employees
o Teams
Single Point of Failure (with people) - answerthe one thing that causes the business to
fail, such as only having one person taking in the requests for access, software, etc then
if they get sick then the business stops)
Ticket - answeryou tell them what is wrong, and they keep a record of all processes that
goes around that fixing that issue (who what when where why)
Lifecycle Management: Procurement - answerAsset is acquired and delivered to the
location
Lifecycle Management: Usage - answerAsset provides the intended service to the
organization. Should be regularly maintained
Lifecycle Management: End of Life - answerEither asset has reached full usage or the
cost to maintain it has become too high
Lifecycle Management: Disposal - answerShould be done with a focus on financial and
environmental sustainability
degaussing: taking a strong magnetic and running over the hard drive to wipe it
third-parties: companies that specialize in device destruction
Common Protections - answerHost-based Firewall
o can be a physical device that exists outside computer (or it can be internal); denies
and allows traffic
White-listing/Black-listing
o applications we allow to be on our computers/devices of employees
o white listing is considered more secure (nothing is okay to download, access, etc,
except for the ones that they specifically say is allowed)
Data encryption
o take the data that is on our hard drive or device, and make that data unreadable in
some way (changes appearance)
Anti-Malware
, Malware Examples - answero Computer Virus - malicious codes that replicate
themselves by infecting/modifying other programs (we can download this)
o Worm - a standalone malware that replicates and spreads over network
o Trojan horse - a malware that misleads users of its true intent
o Adware - planting advertisement on a system
o Spyware - a malware that gathers information from users and sends to others (you
don't even know its there, most dangerous)
o Ransomware - a malware that coerces user to pay for removal
Malware - answerShort for malicious software. Designed to infiltrate, damage, or obtain
information from a computer system without the owner's consent.
Anti-Virus Software - answerAn application software deployed at multiple points in an IT
architecture. It is designed to detect and potentially eliminate virus code before damage
is done and repair or quarantine files that have already been infected.
Endpoint - answerAn Internet-capable computer hardware device on a TCP/IP network.
It's a remote computing device that communicates back and forth with a network to
which it is connected
The term can refer to desktop computers, laptops, smart phones, tablets, thin clients,
printers or other specialized hardware such as sensors, actuators, point of sale
terminals (POS terminals) and smart meters.
Encryption - answerThe method by which information is converted into secret code that
hides the information's true meaning. The science of encrypting and decrypting
information is called cryptography. In computing, unencrypted data is also known as
plaintext, and encrypted data is called ciphertext. The formulas used to encode and
decode messages are called encryption algorithms, or ciphers.
Host-Based Firewall - answerA piece of firewall software that runs on an individual
computer or device connected to a network.
Black- Listing - answerThe process of blocking communication to specific domains,
email addresses, or websites. Starts with an allow-all policy.
White-Listing - answerThe process of allowing specific connections/communications to
specific domains, email addresses or websites. Starts with a deny-all policy.
Ways to deal with malware: Preventive - answero Patch/update management: keep
your system updated
o Application whitelisting: e.g. Microsoft Defender Application Control
o Better design and configuration: e.g., system/network segmentation, system
configuration (msconfig, and Autoruns.exe in Sysinternals Suite)
o Employee training (e.g., anti-phishing), ISP, and code of conduct
Asset Management - answer Defined as the data, personnel, devices, systems, and
facilities that enable the organization to achieve business purposes are identified and
managed consistent with their relative importance to organizational objectives and the
organization's risk strategy
Frequently Overlooked Asset Management – answer o Licensing
o Labeling
o Warranty
o Lifecycle
o Inventory
Common Inventory Fields: Asset ID - answer Uniquely identifies the asset (Does not
have to be a physical asset)
Common Inventory Fields: Make - answer Refers to the manufacturer
Common Inventory Fields: Model - answer Unique number given to each product by
manufacturer
Common Inventory Fields: Serial Number - answer Uniquely identifies a specific item
Common Inventory Fields: Asset Tag - answerA physical label that affixes to the asset
Common Inventory Fields: Operating System - answerThe software that supports a
computers basic functioning
Common Inventory Fields: MAC Address (Media Access Control Address) - answerA
hard-coded address that is assigned to a network interface card on a device.
Common Inventory Fields: IP Address - answerIdentifies the address of a device on the
internet
Common Assets - answerBusiness Services
Hardware
o Servers
o Computers
o Mobile Devices
term-12
Software
,o Operating Systems
o Applications
o Software Licenses
Organizations
o Facilities
o Employees
o Teams
Single Point of Failure (with people) - answerthe one thing that causes the business to
fail, such as only having one person taking in the requests for access, software, etc then
if they get sick then the business stops)
Ticket - answeryou tell them what is wrong, and they keep a record of all processes that
goes around that fixing that issue (who what when where why)
Lifecycle Management: Procurement - answerAsset is acquired and delivered to the
location
Lifecycle Management: Usage - answerAsset provides the intended service to the
organization. Should be regularly maintained
Lifecycle Management: End of Life - answerEither asset has reached full usage or the
cost to maintain it has become too high
Lifecycle Management: Disposal - answerShould be done with a focus on financial and
environmental sustainability
degaussing: taking a strong magnetic and running over the hard drive to wipe it
third-parties: companies that specialize in device destruction
Common Protections - answerHost-based Firewall
o can be a physical device that exists outside computer (or it can be internal); denies
and allows traffic
White-listing/Black-listing
o applications we allow to be on our computers/devices of employees
o white listing is considered more secure (nothing is okay to download, access, etc,
except for the ones that they specifically say is allowed)
Data encryption
o take the data that is on our hard drive or device, and make that data unreadable in
some way (changes appearance)
Anti-Malware
, Malware Examples - answero Computer Virus - malicious codes that replicate
themselves by infecting/modifying other programs (we can download this)
o Worm - a standalone malware that replicates and spreads over network
o Trojan horse - a malware that misleads users of its true intent
o Adware - planting advertisement on a system
o Spyware - a malware that gathers information from users and sends to others (you
don't even know its there, most dangerous)
o Ransomware - a malware that coerces user to pay for removal
Malware - answerShort for malicious software. Designed to infiltrate, damage, or obtain
information from a computer system without the owner's consent.
Anti-Virus Software - answerAn application software deployed at multiple points in an IT
architecture. It is designed to detect and potentially eliminate virus code before damage
is done and repair or quarantine files that have already been infected.
Endpoint - answerAn Internet-capable computer hardware device on a TCP/IP network.
It's a remote computing device that communicates back and forth with a network to
which it is connected
The term can refer to desktop computers, laptops, smart phones, tablets, thin clients,
printers or other specialized hardware such as sensors, actuators, point of sale
terminals (POS terminals) and smart meters.
Encryption - answerThe method by which information is converted into secret code that
hides the information's true meaning. The science of encrypting and decrypting
information is called cryptography. In computing, unencrypted data is also known as
plaintext, and encrypted data is called ciphertext. The formulas used to encode and
decode messages are called encryption algorithms, or ciphers.
Host-Based Firewall - answerA piece of firewall software that runs on an individual
computer or device connected to a network.
Black- Listing - answerThe process of blocking communication to specific domains,
email addresses, or websites. Starts with an allow-all policy.
White-Listing - answerThe process of allowing specific connections/communications to
specific domains, email addresses or websites. Starts with a deny-all policy.
Ways to deal with malware: Preventive - answero Patch/update management: keep
your system updated
o Application whitelisting: e.g. Microsoft Defender Application Control
o Better design and configuration: e.g., system/network segmentation, system
configuration (msconfig, and Autoruns.exe in Sysinternals Suite)
o Employee training (e.g., anti-phishing), ISP, and code of conduct
