5 - Security Assessment and Testing Flashcards
Explain the security concerns associated with various types of vulnerabilities; summarize techniques used in assessments/penetrations; and given a scenario, use the appropriate tool to assess an org's cybersecurity.
Which one of the following security assessment techniques assumes that an org has already been compromised and searches for evidence of that compromise?
Threat Hunting
Renee is configuring her vulnerability management solution to perform credential scans of servers on her network. What type of account should she provide to the scanner?
Read-Only
Ryan is planning to conduct a vulnerability scan of a business-critical system using dangerous plug-ins. What would be the best approach for the initial scans?
Run the scan in a test environment
What value for the CVSS attack complexity metric would indicate that a specific attack is simplest to exploit?
Low
Tara recently analyzed the result of a vulnerability scan and saw that a finding per the scanner did not actually exist because the system was patched as specified. What type of error occurred?
False Positive
Brian ran a penetration test against a school’s grading systems and discovered a flaw that would allow students to alter their grades by exploiting a SQL injection vulnerability. What type on control should he recommend to the school to prevent this?
Integrity
What security assessment tools are used during the reconnaissance phase of a penetration test?
Nmap, Nessus, and Nslookup
During a vulnerability test Brian discovered that a system on his network was open to text-based attacks, and his SIEM recommended updating the system’s drivers. What security control, if deployed, would likely have addressed this issue?
Patch Management
What tool is MOST likely to detect an XSS vulnerability?
Web Application Vulnerability Scanner
Patrick deploys a toolkit on a compromised system and uses it to gain access to other systems on the same network. What term best describes this activity?
Lateral Movement
Kevin is participating in an exercise for his org. His role in the exercise is to use hacking techniques to gain access to his org’s systems. What role is Kevin playing during this exercise?
Red Team
What assessment technique is designed to solicit participation from external security experts, and rewards them for discovering vulnerabilities?
Bug Bounty (Bug Hunting)
After gaining access to an org’s database server, Kevin installs a backdoor on the server to grant himself access in the future. What terms best describe this action?
Persistence
What type of technique are WHOIS Lookups considered?
Passive Reconnaissance
Which element of the SCAP Framework can be used to consistently describe vulnerabilities?
Common Vulnerabilities and Exposures (CVE)