7. Vulnerability Scanning Flashcards

1
Q

What is vulnerability management?

vulnerability management

A

The process of handling security vulnerabilities in modern computing systems and applications.

2
Q

Core goal of vulnerability management

vulnerability management

A

Ensuring the security of systems by developing and implementing measures to address vulnerabilities.

3
Q

Steps in vulnerability management

vulnerability management

A

Analyzing vulnerabilities, developing patches, releasing and applying patches to systems.

4
Q

Challenges in vulnerability management

vulnerability management

A

Dealing with complex software, multiple operating systems, numerous applications, and regular patching of various components.

5
Q

Components of a mature vulnerability management process

vulnerability management

A

Vulnerability scanning, patch application, remediation tracking, and result reporting.

6
Q

Regulatory requirements for vulnerability management

vulnerability management

A

Compliance with standards such as PCI DSS for credit card handling and FISMA for U.S. government agencies.

7
Q

Types of vulnerability tests in an organization

vulnerability management

A

Network vulnerability scans, application scans, and specialized testing for web applications.

8
Q

Supplementing vulnerability scans with other measures

vulnerability management

A

Reviewing system and application configurations, as well as logs, to validate scan results and identify false positives.

9
Q

Importance of understanding organizational rules and requirements

vulnerability management

A

Designing a vulnerability management program that aligns with specific regulations and policies applicable to the organization.

10
Q

What is the first step in developing a vulnerability management program?

Identify scan targets

A

Identify the requirements for the program.

11
Q

Why is a reliable asset inventory important for vulnerability management?

Identify scan targets

A

It helps in creating a specific list of systems and networks to scan.

12
Q

How can a vulnerability management solution be used for scanning targets?

Identify scan targets

A

Run a lightweight scan or use a platform like Nessus to identify systems on the local network.

13
Q

What are the key considerations for prioritizing assets in vulnerability management?

Identify scan targets

A

Importance of data classification, level of risk exposure, and criticality to business operations.

14
Q

Why is asset prioritization important even when scanning all systems regularly?

Identify scan targets

A

It helps in planning remediation efforts and allocating resources effectively.

15
Q

DMZ Placement

Scan Perspective

A

Placing the scanner in the DMZ provides the clearest view of vulnerabilities on the target system.

16
Q

Internet Placement

Scan Perspective

A

Placing the scanner on the internet gives an attacker’s view of the network, helping prioritize remediation efforts.

17
Q

Firewall Impact

Scan Perspective

A

Firewall settings and filtering affect vulnerability scans by altering the systems and services visible to the scanner.

18
Q

Intrusion Prevention Systems (IPS)

Scan Perspective

A

Active IPS on the network significantly influences scan results as vulnerability scanning traffic passes through it.

19
Q

Agent-Based Scans

Scan Perspective

A

Agents installed on servers can probe server configurations deeply and report vulnerabilities to the central management system.

20
Q

Credentialed Scanning

Scan Perspective

A

Providing credentials to the scanner allows it to log in and retrieve configuration information, offering an alternative to agent-based scanning.

21
Q

SCAP (Security Content Automation Protocol)

SCAP

A

A protocol for creating a consistent language and format to discuss security issues and enable information sharing.

22
Q

CVSS (Common Vulnerability Scoring System)

SCAP

A

A widely used system in the security community for evaluating the severity of security vulnerabilities.

23
Q

CCE (Common Configuration Enumeration)

SCAP

A

Provides a consistent language for sharing system configurations.

24
Q

CPE (Common Platform Enumeration)

SCAP

A

Offers a standardized naming system for products and their versions.

25
Q

CVE (Common Vulnerabilities and Exposures)

SCAP

A

Provides a language for describing vulnerabilities.

26
Q

XCCDF (Extensible Configuration Checklist Description Format)

SCAP

A

A language for creating and sharing checklists and processing security checklists' results.

27
Q

OVAL (Open Vulnerability and Assessment Language)

SCAP

A

Provides a programmatic way to describe testing procedures.

28
Q

CVSS

CVSS

A

Common Vulnerability Scoring System used to assess vulnerability severity on a 10-point scale.

29
Q

Attack Vector

CVSS

A

Describes the type of access an attacker needs to exploit a vulnerability (e.g., physical, local, adjacent network, network).

30
Q

Attack Complexity

CVSS

A

Measures the difficulty of exploiting a vulnerability (high or low).

31
Q

Privileges Required

CVSS

A

Determines the level of user access an attacker must have to exploit a vulnerability (high, low, or none).

32
Q

User Interaction

CVSS

A

Assesses the level of human involvement needed for an attack to succeed (required or none).

33
Q

Exploitability

CVSS

A

Combination of Attack Vector, Attack Complexity, Privileges Required, and User Interaction metrics to describe the vulnerability's susceptibility to exploitation.

34
Q

Confidentiality

CVSS

A

Evaluates the impact on information confidentiality (none, partial, high).

35
Q

Integrity

CVSS

A

Assesses the impact on information integrity (none, low, high).

36
Q

Availability

CVSS

A

Measures the impact on system availability (none, low, high).

37
Q

Scope

CVSS

A

Determines whether a vulnerability can affect components beyond the vulnerable component (changed or unchanged).

38
Q

Base CVSS Score

CVSS

A

The initial score assigned to a vulnerability based on the evaluation of eight different metrics.

39
Q

Scan Reports

CVSS

A

CVSS scores are commonly seen in scan reports to provide information about vulnerability severity.

40
Q

What is the role of a cybersecurity analyst?

Analysing scan reports

A

Analyzing reports from vulnerability scans and presenting information to different audiences.

41
Q

What factors should be considered when analyzing scan reports?

Analysing scan reports

A

Severity of vulnerability, criticality of affected systems, sensitivity of information, difficulty of remediation, and exposure of vulnerable systems.

42
Q

Why is it important to validate vulnerabilities before requesting remediation?

Analysing scan reports

A

To confirm the existence of the vulnerability and ensure its proper rating in the prioritization process.

43
Q

How can you validate a vulnerability reported in a scan?

Analysing scan reports

A

Review the details in the scanner report, including input and output sections, to understand the issue and verify its presence.

44
Q

What should you do when encountering false positive reports?

Analysing scan reports

A

Investigate the reasons behind the report, but be aware that false positives can occur. Clearing them is important to maintain accuracy.

45
Q

How should you handle vulnerabilities that have already been acknowledged or mitigated?

Analysing scan reports

A

Track these exceptions in the scanner or a configuration management database to avoid reporting known vulnerabilities.

46
Q

What are the possible outcomes of vulnerability reports?

Analysing scan reports

A

True positive (vulnerability exists), false positive (vulnerability does not exist), true negative (no vulnerability found), and false negative (vulnerability missed).

47
Q

What is the purpose of validating scan results?

Correlating scan results

A

To eliminate false positive reports and remove documented exceptions.

48
Q

What should you do to correlate scan reports with other information?

Correlating scan results

A

Consult industry standards, best practices, compliance obligations, and technical information within your organization.

49
Q

Why should you consult industry standards and guidance?

Correlating scan results

A

They provide specific guidance on vulnerabilities requiring urgent remediation, such as PCI DSS's guidance on vulnerability scanning.

50
Q

What sources of technical information can contribute to scan results?

Correlating scan results

A

Configuration management systems, log repositories, and other data sources within your organization.

51
Q

Why should you monitor scan result trends?

Correlating scan results

A

To identify recurring vulnerabilities and potential underlying issues that need to be addressed.

52
Q

What is the importance of preventing vulnerabilities rather than remediating them?

Correlating scan results

A

It's better to address vulnerabilities beforehand by providing security training to developers and implementing input validation libraries to protect code from attacks.