1.7 Summarize the techniques used in security assessments Flashcards
Threat hunting
-Intelligence fusion
Threat hunting
-Threat feeds
Threat hunting
-Advisories and bulletins
Threat hunting
-Maneuver
Vulnerability scans
-False positives
Vulnerability scans
-False negatives
Vulnerability scans
-Log reviews
Vulnerability scans
-Credentialed vs. non-credentialed
Vulnerability scans
-Intrusive vs. non-intrusive
Vulnerability scans
-Application
Vulnerability scans
-Web application
Vulnerability scans
-Network
Vulnerability scans
-Common Vulnerabilities and Exposures (CVE)/Common Vulnerability Scoring System (CVSS)
Vulnerability scans
-Configuration review
Syslog/Security information and event management (SIEM)
-Review reports
Syslog/Security information and event management (SIEM)
-Packet capture
Syslog/Security information and event management (SIEM)
-Data inputs
Syslog/Security information and event management (SIEM)
-User behavior analysis
Syslog/Security information and event management (SIEM)
-Sentiment analysis
Syslog/Security information and event management (SIEM)
-Security monitoring
Syslog/Security information and event management (SIEM)
-Log aggregation
Syslog/Security information and event management (SIEM)
-Log collectors