1.5 Flashcards

1
Q

vulnerability scanning

A

Vulnerability scanning is used to discover weaknesses in deployed security systems in order to improve or repair them before a breach occurs. By using a wide variety of assessment tools, security administrators can learn about deficiencies quickly.

2
Q

passive testing of security controls

A

A passive test of security controls is performed when an automated vulnerability scanner is used to identify weaknesses without fully exploiting discovered vulnerabilities.

3
Q

vulnerability identification

A

A scanner that is able to identify a vulnerability does so through a testing and probing process defined in its database of evaluations. The goal of a vulnerability scanner is to inform you of any potential weaknesses or attack points on your network, within a system, or against an individual application.

4
Q

identification of a lack of security controls

A

An important task for a vulnerability scanner is to identify any necessary or best-practice security controls that are not present in the evaluated target. Such a report may indicate that updates and patches are not applied or that a specific security mechanism is not present.

6
Q

identify common misconfigurations

A

Many vulnerability scanners can determine whether or not you have improper, poor, or misconfigured systems and protections. If a vulnerability scanner is able to detect this issue, so can an attacker.

7
Q

intrusive vs. nonintrusive

A

An intrusive vulnerability scan attempts to exploit any flaws or vulnerabilities detected (also known as active evaluation). A nonintrusive vulnerability scan only discovers the symptoms of flaws and vulnerabilities and doesn’t attempt to exploit them (also known as passive evaluation).

8
Q

credentialed vs. noncredentialed

A

A credentialed scan is one where the logon credentials of a user, typically a system administrator or root, must be provided to the scanner in order for it to perform its work. A noncredentialed scan is one where no user accounts are provided to the scanning tool, so only those vulnerabilities that don’t require credentials are discovered.

9
Q

false positive is

A

A false positive occurs when an alarm or alert is triggered by benign or normal events.

10
Q

false negative is

A

A false negative occurs when an alarm or alert is not triggered by malicious or abnormal events.
