1.6 Explain the security concerns associated with various types of vulnerabilities

Question 1

Cloud-based vs. on-premises vulnerabilities

Question 2

Zero-day

Question 3

Weak configurations
-Open permissions

Question 4

Weak configurations
-Unsecure root accounts

Question 5

Weak configurations
-Errors

Question 6

Weak configurations
-Weak encryption

Question 7

Weak configurations
-Unsecure protocols

Question 8

Weak configurations
-Default settings

Question 9

Weak configurations
-Open ports and services

Question 10

Third-party risks
-Vendor management/system integration/lack of vendor support

Question 11

Third-party risks
-Supply chain

Question 12

Third-party risks
-Outsourced code development

Question 13

Third-party risks
-Data storage

Question 14

Improper or weak patch management
-Firmware

Question 15

Improper or weak patch management
-Operating system (OS)

Question 16

Improper or weak patch management
-Applications

Question 17

Legacy platforms

Question 18

Impacts
-Data loss

Question 19

Impacts
-Data breaches

Question 20

Impacts
-Data exfiltration

Question 21

Impacts
-ID theft

Question 22

Impacts
-Financial

Question 23

Impacts
-Reputation