(6) Scheduling Scans and Scan Types Flashcards
What do security professionals depend on to help them perform their duties in an efficient, effective way?
Security professionals use automation to help them perform their duties efficiently and effectively
What factors influence how often an org chooses to do vulnerability scans?
These factors influence how an org decides to conduct vulnerability scans:
Risk appetite
Regulatory requirements
Performance constraints
Operations constraints
Licensing limitations
What considerations must cybersecurity admins balance as they perform their duties?
Cybersecurity admins must balance how often they conduct scans. They should probably begin small when scanning systems and then expand their scanning over time, to avoid overwhelming the scanning infrastructure or the system as a whole
What do most vulnerability scanning tools perform and what are the drawbacks?
Most vulnerability scanning tools perform active vulnerability scanning, which comes with some drawbacks:
-Active scanning is noisy; if the admin knows that you’re scanning, that might be OK, but if not, it can cause issues
-Active scanning can accidentally break systems as it scans for vulnerabilities, disrupting critical systems
-Active scans may miss some systems if they are protected by firewalls
What is passive vulnerability scanning?
Passive vulnerability scanning supplements active scans by monitoring the network, looking for obvious signatures of old systems and apps, and reporting those results
What is helpful to remember about active vs passive scans?
Passive scans can only detect issues that show up in network traffic. They are not a replacement for active scans, but they are a nice addition.