2.2 Vulnerability Management Flashcards

1
Q

what are the three possible values of the availability (A) metric of the CVSS vector, and what do they stand for?

A

N - None
P - Partial
C - Complete

2
Q

which value of the authentication (Au) metric of the CVSS vector means no authentication mechanisms are in place to stop the exploitation of the vulnerability?

A

N

3
Q

which CVSS metric describes the authentication an attacker would need to get through to exploit the vulnerability?

A

the authentication (Au) metric

4
Q

which value of the access vector (AV) metric of the CVSS vector indicates that the attacker must have physical access to the affected system?

A

L

5
Q

which value of the Access Vector (AV) metric of the CVSS vector indicates the attacker can cause the vulnerability from any network?

A

N

6
Q

which value of the confidentiality (C) metric of the CVSS vector means all information on the system could be compromised?

A

C

7
Q

which value of the Confidentiality (C) metric of the CVSS vector means some access to information would occur?

A

P

8
Q

what are the three possible values of the Access Vector (AV) metric of the CVSS vector, and what do they stand for?

A

L - Local
A - Adjacent
N - Network

9
Q

which CVSS metric describes the difficulty of exploiting the vulnerability?

A

the access complexity (AC) metric

10
Q

which CVSS metric describes the information disclosures that may occur if the vulnerability is exploited?

A

the confidentiality (C) metric

11
Q

what are the three main possible values of the authentication (Au) metric of the CVSS vector, and what do they stand for?

A

M - Multiple
S - Single
N - None

12
Q

which value of the availability (A) metric of the CVSS vector means system performance is degraded?

A

P

13
Q

which CVSS metric describes how the attacker would exploit the vulnerability?

A

the access vector (AV) metric

14
Q

which value of the integrity (I) metric of the CVSS vector means some information modification would occur?

A

P

15
Q

what are the three possible values of the confidentiality (C) metric of the CVSS vector, and what do they stand for?

A

N - None
P - Partial
C - Complete

16
Q

which value of the integrity (I) metric of the CVSS vector means all information on the system could be compromised?

A

C

17
Q

which value of the Access Complexity (AC) metric of the CVSS vector means the vulnerability does not require special conditions?

A

L

18
Q

which value of the availability (A) metric of the CVSS vector means the system is completely shut down?

A

C

19
Q

which CVSS metric describes the disruption that might occur if the vulnerability is exploited?

A

the availability (A) metric

20
Q

what should you do for the false positives in a vulnerability scanning report once you have verified that they are indeed false?

A

configure exceptions for the false positives in the vulnerability scanner

21
Q

what is meant by the term false negative in a vulnerability scan?

A

when the vulnerability scan indicated no vulnerabilities existed when, in fact, one was present

22
Q

which value of the access vector (AV) metric of the CVSS vector indicates the attacker must be on the local network?

A

A

23
Q

which value of the integrity (I) metric of the CVSS vector means there is no integrity impact?

A

N

24
Q

which CVSS metric describes the type of data alteration that might occur?

A

the integrity (I) metric

25
Q

which value of the Confidentiality (C) metric of the CVSS vector means there is no confidentiality impact?

A

N

26
Q

which value of the authentication (Au) metric of the CVSS vector means the attacker would need to get through two or more authentication mechanisms?

A

M

27
Q

which value of the authentication (Au) metric of the CVSS vector means the attacker would need to get through one authentication mechanism?

A

S

28
Q

what are the three possible values of the Access Complexity (AC) metric of the CVSS vector, and what do they stand for?

A

H - High
M - Medium
L - Low

29
Q

what are the three possible values of the integrity (I) metric of the CVSS vector, and what do they stand for?

A

N - None
P - Partial
C - Complete

30
Q

which value of the Availability (A) metric of the CVSS vector means there is no availability impact?

A

N

31
Q

which value of the Access Complexity (AC) metric of the CVSS vector means the vulnerability requires somewhat special conditions?

A

M

32
Q

which value of the Access Complexity (AC) metric of the CVSS vector means the vulnerability requires special conditions that are hard to find?

A

H

33
Q

what should you do if you expect that there are false positives in a vulnerability scanning report?

A

verify the false positives to ensure that you can eliminate them from the report