Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

CYSA+ CS0-003 > 2.0 Vulnerability Management > Flashcards

2.0 Vulnerability Management Flashcards

1
Q

Map scans

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Device fingerprinting

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Scheduling

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Operations

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Performance

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Sensitivity levels

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Segmentation

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Regulatory requirements

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Internal vs. external scanning

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Agent vs. agentless

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Credentialed vs. non-credentialed

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Passive vs. active

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Static vs. dymanic

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Reverse engineering

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Fuzzing

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Operational technology (OT)

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

Industrial control systems (ICS)

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

Supervisory control and data acquisition (SCADA)

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

Security baseline scanning

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

Payment Card Industry Data Security Standard (PCI DSS)

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

Center for Internet Security (CIS) benchmarks

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

Open Web Application Security Project (OWASP)

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

International Organization for Standardization (ISO) 27000 series

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

Angry IP Scanner

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
Q

Maltego

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
26
Q

Burp Suite

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
27
Q

Zed Attack Proxy (ZAP)

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
28
Q

Arachni

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
29
Q

Nikto

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
30
Q

Nessus

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
31
Q

OpenVAS

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
32
Q

Immunity debugger

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
33
Q

GNU debugger (GDB)

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
34
Q

Nmap

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
35
Q

Metasploit framework (MSF)

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
36
Q

Recon-ng

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
37
Q

Scout Suite

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
38
Q

Prowler

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
39
Q

Pacu

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
40
Q

Common Vulnerability Scoring System (CVSS) Interpretation

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
41
Q

Attack vectors

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
42
Q

Attack complexity

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
43
Q

Privileges required

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
44
Q

User interaction

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
45
Q

Scope

46
Q

Impact

A

Confidentiality
Integrity
Availability

47
Q

True/false positives

48
Q

True/false negatives

49
Q

Internal

50
Q

External

51
Q

Isolated

52
Q

Exploitability/weaponization

53
Q

Asset value

54
Q

Zero-day

55
Q

Cross-site scripting

56
Q

Reflected

57
Q

Persistent

58
Q

Buffer overflow

59
Q

Integer overflow

60
Q

Heap overflow

61
Q

Stack overflow

62
Q

Data poisoning

63
Q

Broken access control

64
Q

Cryptographic failures

65
Q

Injection flaws

66
Q

Cross-site request forgery

67
Q

Directory traversal

68
Q

Insecure design

69
Q

Security misconfiguration

70
Q

End-of-life or outdated components

71
Q

Identification and authentication failures

72
Q

Server-side request forgery

73
Q

Remote code execution

74
Q

Privilege escalation

75
Q

Local file inclusion (LFI)/remote file inclusion (RFI)

76
Q

Compensating control

77
Q

Managerial

78
Q

Operational

79
Q

Technical

80
Q

Preventative

81
Q

Detective

82
Q

Responsive

83
Q

Corrective

84
Q

Testing

85
Q

Implementation

86
Q

Rollback

87
Q

Validation

88
Q

Maintenance windows

89
Q

Exceptions

90
Q

Accept

91
Q

Transfer

92
Q

Avoid

93
Q

Mitigate

94
Q

Policies, governance, and service level objectives (SLO)

95
Q

Prioritization and escalation

96
Q

Edge discovery

97
Q

Passive discovery

98
Q

Security controls testing

99
Q

Penetration testing and adversary emulation

100
Q

Bug bounty

101
Q

Attack surface reduction

102
Q

Input validation

103
Q

Output encoding

104
Q

Session management

105
Q

Authentication

106
Q

Data protection

107
Q

Parameterized queries

108
Q

Secure software development life cycle (SDLC)

109
Q

Threat modeling

CYSA+ CS0-003 (4 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2025 Bold Learning Solutions. Terms and Conditions