2.0 Vulnerability Management Flashcards
what should you consult to identify all systems that need to have a vulnerability scan?
the company’s asset inventory
what is a flaw, loophole, or weakness in the system, software, or hardware?
vulnerability
which scan has less of an impact on the network: agent-based or server-based?
agent-based vulnerability scans because they run on the device and only send the report to the centralized server
what are the two main factors that CompTIA lists as factors for prioritizing vulnerability remediation?
criticality and difficulty of implementation
how often should vulnerability scans be carried out based on PCI-DSS standards?
every three months and whenever systems are updated
which SCAP component provides standardized names for security-related software flaws?
common vulnerabilities and exposures (CVE)
what does the acronym CCE denote?
common configuration enumeration
which system provides CCE and CVE identifiers for vulnerability scans?
security content automation protocol (SCAP)
which term is used for an agreement that is signed by two partnering companies?
business partners agreement (BPA)
what does the acronym CVE denote?
common vulnerabilities and exposures
which term is used for an agreement between two or more parties where the parties cannot create a legally enforceable agreement?
memorandum of understanding (MoU)
what does the acronym SCAP denote?
security content automation protocol
which step of the vulnerability management process involves assessing the documented requirements and workflow to determine when scans should occur?
establish scanning frequency
why should you document workflow prior to setting up a vulnerability scan?
to help provide business constraints for the scan
which step of the vulnerability management process involves documenting the regulatory environment and corporate policy, classifying data, and obtaining an asset inventory?
identify requirements
in which situation will you accept a risk?
when the cost of the safeguard exceeds the amount of the potential loss
why should you deploy remediation in a sandbox environment?
to test the effects of the remediation to ensure that the devices will be able to function properly after deployment
what is the process for the vulnerability management process?
1. identify requirements
2. establish scanning frequency
3. configure the tools to perform the scans according to specifications
4. execute the scan
5. generate scan reports
6. provide remediation for discovered vulnerabilities
what does the acronym CVSS denote?
common vulnerability scoring system
what is a service level agreement (SLA)?
a contract between a network service provider and a customer that specifies the services the network service provider will furnish
which range of CVSS scores indicates low priority?
0.1 to 3.9
what is meant by the term vulnerability feed?
the updates to the vulnerability scanner that ensure that the scanner is able to recognize newly discovered vulnerabilities
which range of CVSS scores indicates high priority?
7.0 to 8.9
what happens with an agent-based vulnerability scan?
agents are installed on the devices to run the scan and send the report to a centralized server