(6) Scheduling Scans and Scan Types

Question 1

What do security professionals depend on to help them perform their duties in an efficient, effective way?

Answer 1

Security professionals use automation to help them perform their duties efficiently and effectively

Question 2

What factors influence how often an org chooses to do vulnerability scans?

Answer 2

These factors influence how an org decides to conduct vulnerability scans:

Risk appetite

Regulatory requirements

Performance constraints

Operations contraints

Licensing Limitations

Question 3

What considerations must cybersecurity admins balance as they perform their duties?

Answer 3

Cybersecurity admins must balance how often they conduct scans but should probably begin small when scanning systems and then expand how they do them over time to avoid overwhelming the scanning infrastructure or the system as a whole

Question 4

What do most vulnerability scanning tools perform and what are the drawbacks?

Answer 4

Most vulnerability scanning tools perform active vulnerability scanning, it comes with some drawbacks:

-Active scanning is noisy and if the admin knows that you’re scanning that might be ok, but if not, it can cause issues

-Active scanning can acidentally break systems as it scans for vulnerabilities, disrupting critical systems

-Active scans may miss some systems if they are protected by firewalls

Question 5

What is passive vulnerability scanning?

Answer 5

Passive vulnerability scanning supplements active scans by monitoring the network, looking for obvious signatures of old systems and apps, reporting those results

Question 6

What is helpful to remember about active vs passive scans?

Answer 6

Passive scans can only detect issues that show up in network traffic. They are not a replacement for active scans but they are a nice addition