1.7 Summarize the techniques used in security assessments

Question 1

Threat hunting
-Intelligence fusion

Question 2

Threat hunting
-Threat feeds

Question 3

Threat hunting
-Advisories and bulletins

Question 4

Threat hunting
-Maneuver

Question 5

Vulnerability scans
-False positives

Question 6

Vulnerability scans
-False negatives

Question 7

Vulnerability scans
-Log reviews

Question 8

Vulnerability scans
-Credentialed vs. non-credentialed

Question 9

Vulnerability scans
-Intrusive vs. non-intrusive

Question 10

Vulnerability scans
-Application

Question 11

Vulnerability scans
-Web application

Question 12

Vulnerability scans
-Network

Question 13

Vulnerability scans
-Common vulnerabilities and Exposures (CVE)/Common Vulnerability Scoring System (CVSS)

Question 14

Vulnerability scans
-Configuration review

Question 15

Syslog/Security information and event management (SIEM)
-Review reports

Question 16

Syslog/Security information and event management (SIEM)
-Packet capture

Question 17

Syslog/Security information and event management (SIEM)
-Data inputs

Question 18

Syslog/Security information and event management (SIEM)
-User behavior analysis

Question 19

Syslog/Security information and event management (SIEM)
-Sentiment analysis

Question 20

Syslog/Security information and event management (SIEM)
-Security monitoring

Question 21

Syslog/Security information and event management (SIEM)
-Log aggregation

Question 22

Syslog/Security information and event management (SIEM)
-Log collectors