Terms Related to Security+ Cert.

[netsurfer802]

 

 I've taken a pre-test for the Security+ certification and was wondering if the following terms could be explained...since I've tried to look them up online and haven't come across a clear explanation:

RBLS

health policies

Due Care

Text in which RBLS appears:

Which of the following mail servers is vulnerable to abuse as an open relay?

Select one:

a. POP3

b. SMTP 

c. RBLS

d. IMAP

Text in which health policies appears:

When planning a network access control system, which of the following elements are important (choose THREE)?

Select one or more:

a. Installing TPMs in all user hardware

b. Devising remediation options 

c. Devising health policies

d. Creating a segmented network using VLANs 

e. Deploying the system as quickly as possible

Text in which Due Care appears:

What type of operational policy would forbid system administrators from abusing their privileges to snoop on user data files?

Select one:

a. Due Care

b. Need To Know

c. Acceptable Use

d. Code of Ethics

Thanks in advanced for any helpful explanation/s.

 

[Matt]

This is all explained in a glossary.  When I was studying for my SSCP, all of these terms were clearly defined.

 

Real time blackhole list is a database of IPs of known spammers.  People that subscribe to these lists want to protect their email network from spammers.

 

Due care is a process, which is not limited to security, that simple proves that all was done to a best effort to prevent an incident.  If an organization shows that due care was taken, the chances of them being accused of negligence is decreased.

 

I am not familiar with health policies but this can easily be looked up.

[gohpep]

Health policies are the policies you set to configure in NAC for endpoint checks to see if the computer is 'healthy'. You are defining what it means for a computer to be healthy, so it will be accepted into the network.

 

At least that's what I know. I would do some further research, but that's the general idea.