701 - Chapter 8

Question 1

What is the likelihood that a threat will exploit a vulnerability called? What is a weakness in a system application or process? And what is a potential danger that might take advantage of a vulnerability called

Answer 1

Risk… vulnerability… threat

Question 2

What are the two major criteria we use when we evaluate a risk?

Answer 2

The impact… the likelihood or probability of that risk occurring

Question 3

How does an organization mitigate IT risks?

Answer 3

By using different types of security controls

Question 4

What are the three IT related threats? And what does an organization use to help identify categorize threats

Answer 4

Malicious human threats, accidental human threats, environmental threats… a threat assessment

Question 5

What are the five risk types or categories?

Answer 5

Internal, external, intellectual property theft, software compliance and licensing, legacy systems and legacy platforms

Question 6

What is the practice of identifying, analyzing, monitoring, and limiting risk to a manageable level?

Answer 6

Risk management

Question 7

What is the acknowledgment that risk exist and must be addressed to mitigate them?

Answer 7

Risk awareness

Question 8

What refers to the risk that exist before controls are in place to manage the risk? What is the amount of risk that remains after managing or mitigating the risk to an acceptable level? And what refers to the risk that exist if in place controls do not adequately manage risks?

Answer 8

Inherent risk… residual risk… control risk

Question 9

What refers to the amount of risk in organization is willing to accept? And what is an organizations ability to withstand risk?

Answer 9

Risk appetite… risk tolerance

Question 10

What is the risk management strategy when an organization does not provide a risky service or does not participate in a risky activity?

Answer 10

Avoidance

Question 11

What is the risk management strategy when an organization implements controls to reduce risk? What are the two ways that mitigation reduces a risk?

Answer 11

Mitigation… by reducing the vulnerability or by reducing the impact of the threat

Question 12

What is the risk management strategy when the cost of a control outweigh the risk itself?

Answer 12

Risk acceptance

Question 13

What is the risk management strategy when an organization transfers, the risk to another entity or at least shares the risk with another entity? And what is a common example of this?

Answer 13

Risk transference… insurance

Question 14

And what insurance helps protect businesses and individuals from some of the losses related to cyber security incidents?

Answer 14

Cybersecurity insurance

Question 15

What is the risk management task that quantifies or qualifies risks based on different values or judgments?

Answer 15

Risk assessment

Question 16

What is any product system resource or process that an organ organization values called? And what is the value of that asset called?

Answer 16

Asset… asset value

Question 17

Which risk assessment measurement uses numbers, such as a monetary figure representing cost and value? And which use judgments?

Answer 17

Quantitative… qualitative

Question 18

What examines an organizations known risk and evaluates the effectiveness of in place controls?

Answer 18

A risk control assessment

Question 19

What are two important factors or variables when doing a quantitative risk assessment? What is the portion of an asset that we expect would be damaged if a risk materializes?

Answer 19

Asset value AV and the exposure factor EF… exposure factor

Question 20

What is the SLE and how is it calculated?

Answer 20

Single loss expectancy, it is the cost of any single loss of a specific asset… AV x EF

Question 21

What is the ARO?

Answer 21

Annualized rate of occurrence, and it indicates how many times the loss will occur in a year… it is a measure of probability or likelihood

Question 22

What is the ALE? How is computed?

Answer 22

Annualized loss expectancy, it brings together the impact and probability/likelihood …SLE x ARO

Question 23

What is the assessment that uses judgment to categorize risk based on the likelihood of occurrence and impact?

Answer 23

A qualitative risk assessment

Question 24

What are the two simple guidelines when making a quantitative risk assessment?

Answer 24

If the cost of the control is less than the savings purchase it… if the cost of the control is greater than the savings accept the risk

Question 25

What is the final phase of the risk assessment called? And what does it identify?

Answer 25

Risk reporting… it identifies the risk discovered and the recommended controls

Question 26

What are metrics used to measure and monitor the level of risk associated with a particular activity process or system called? What are some examples of KRIs?

Answer 26

Key risk indicators KRI… Number of security incidents detected per month, the percentage of overdue security patches,’the average time to detect and respond to a security incident

Question 27

What is a comprehensive document listing known information about risks such as the risk owner? And what does it typically include??

Answer 27

Risk register… Risk scores along with recommended security controls to reduce the scores

Question 28

What plots risks onto a chart?

Answer 28

A risk matrix

Question 29

What includes all the elements required to produce and sell a product called? And what is one way to reduce reduce the risk to this?

Answer 29

Supply chain… Ensuring that it has multiple sources for everything that is needed

Question 30

What assesses the security posture of systems and networks, the identify vulnerabilities or weaknesses within systems networks and organization as part of an overall risk management plan?

Answer 30

Vulnerability assessment

Question 31

What uses various techniques to gather information about hosts within a network?

Answer 31

A network scanner

Question 32

What are the five methods that a network scanner uses?

Answer 32

ARP ping scan, syn stealth scan, port-scan, service scan and OS detection

Question 33

What is used to identify which systems are susceptible to attack, they identify vulnerabilities, misconfigured systems and the lack of security controls (such as out of date patches) that attackers can exploit?

Answer 33

Vulnerability scanner

Question 34

What do vulnerability scanners utilize?

Answer 34

A database or dictionary of known vulnerabilities

Question 35

What does CVE stand for?

Answer 35

Common vulnerabilities and exposures

Question 36

What does CVSS stand for? And what is the range of scores and what is most severe? And why have a the scores?

Answer 36

Common vulnerability scoring system… 0 to 10, 10 is most severe… to help with prioritizing the work with known vulnerabilities

Question 37

What is another standard used by vulnerability scanners and why was this designed?

Answer 37

Security content automation protocol SCAP… to help facilitate communication between vulnerability scanners and other security and management tools

Question 38

Which scans/tests are passive and have little impact on a system during a test? And which is intrusive and can potentially compromise a system?

Answer 38

Vulnerability scan… Penetration test

Question 39

What type of scan runs under the context of a valid account and can get more detailed information? They are typically more accurate than what and result in fewer what?

Answer 39

Credentialed… non-credentialed scans…false positives

Question 40

What type of scanner performs a configuration review of Systems to verify they are configured correctly? And are they running as credentialed or non-credentialed?

Answer 40

Configuration compliance scanner… credentialed

Question 41

What actively assesses deployed security controls within a system or network and generally starts with a reconnaissance to learn about the Target?

Answer 41

Penetration testing

Question 42

What are the four major categories of penetration testing?

Answer 42

Physical, offensive, defensive, integrated

Question 43

What outlines the boundaries of the penetration tests? And why is it important?

Answer 43

Rules of engagement… if this is not in writing, it essentially is an attack vs a penetration test

Question 44

What is generally the first phase of a penetration test? And what are the two methods for this?

Answer 44

Reconnaissance… passive, and active reconnaissance

Question 45

What is generally the difference between active and passive reconnaissance?

Answer 45

Passive reconnaissance does not include using any tools to engage the target and isnt illegal…while active reconnaissance does use tools to engage the Target and is illegal

Question 46

What type of Searches a network for active IP addresses it typically sends an Internet control message protocol ICMP pinging to arrange of IP dresses on any network? What is the problem with this type of scan?

Answer 46

IP Scanner…ICMP scans are often blocked

Question 47

What type of scanner runs from a command prompt and includes many capabilities like identifying all the active host on a network, their IP addresses, the the protocols and services running on each of these hosts and its operating system?

Answer 47

Nmap

Question 48

What is a command line tool that administrators often use for remotely accessing Linux systems

Answer 48

Netcat nc

Question 49

What is a python based command line utility to perform port scans?

Answer 49

Scanless

Question 50

What is a python based command line utility to perform port scans?

Answer 50

Scanless

Question 51

What is the command that will list DNS records for domains?

Answer 51

dnsenum

Question 52

What is a vulnerability scanner developed by tenable network security that uses plug-ins to perform various scans against systems and is often used for configuration reviews?

Answer 52

Nessus

Question 53

What utility can send pings using TCP, UDP or ICMP it can also be used to scan systems for open ports on remote systems?

Answer 53

hping

Question 54

What is an automated scanner used for vulnerability assessments and to gather information on targets during penetration testing it combines the features of many common tools into a single application?

Answer 54

sn1per

Question 55

This is used to transfer and retrieve data to and from server such as web servers?

Answer 55

cURL

Question 56

What are the two techniques penetration testers often combined to identify targets? Which one provides a big picture view, and which homes in on individual systems to provide details of each?

Answer 56

footprinting and fingerprinting…footprinting and fingerprinting…

Question 57

What type of fingerprinting identifies the operating system? And how does it do this? And what can it verify?

Answer 57

OS… By sending protocol queries or port scans to a server… That a service is running

Question 58

What is an attacker ability to maintain a presence in a network for weeks months or even years without being detected? And what is a common technique used to maintain this?

Answer 58

Persistence… creating a back door

Question 59

What is it called when an atacker gains access to its Target and then uses it to maneuver throughout a network?

Answer 59

Lateral movement

Question 60

What is it when a tester uses various techniques to gain more and more privileges?

Answer 60

Privilege escalation

Question 61

What is the process of using an exploited system to Target other systems?

Answer 61

Pivoting

Question 62

What are the three testing types (and their associated colors) defined based on how much the testers know about the environment?

Answer 62

Unknown environment testing (black box), known environment testing (white box) and partially known environment testing (gray)

Question 63

What is one of the last steps of a penetration test called and what does it include?

Answer 63

Clean up… Moving all traces of the penetration testing activity including accounts, scripts, files and settings

Question 64

What kind of programs allow for disclosure of security issues and vulnerabilities to be addressed before they are exploited by attackers? And what is an example of this?

Answer 64

Responsible disclosure… bug bounty

Question 65

What is an important tool for assessing an organizations compliance with industry standards, best practices, and internal policies by reviewing an organizations systems, processes and procedures?

Answer 65

System and process audit

Question 66

What is the most common method for resolving of vulnerability? In the event that this is not available to fix the issue, what are three other methods that can be used?

Answer 66

Applying a patch… deploying a compensating control, using segmentation to place the system on an isolated network and granting an exception/exemption to the security policy thus allowing the system to continue operating

Question 67

What refers to capturing network package transmitted over network and what refers to sending the packets back out over the network a second time? And would a packet be resent a second time?

Answer 67

Packet capture… packet replay… if needed the packets can be modified and resent for testing or for attacking

Question 68

What provides administrators and attackers with the ability to capture, display and analyze packets sent over a network? What are they useful for?

Answer 68

Protocol analyzers… troubleshooting communication problems between systems and to detect attacks that manipulate or fragment packets

Question 69

What is a suite of utilities used to edit packet captures and then send the edited pack packets over them at work? What is a command line protocol analyzer?

Answer 69

Tcpreplay…tcpdump

Question 70

What is a feature available on many routers and switches that can collect IP traffic statistics and send them to a collector?

Answer 70

Netflow

Question 71

Which ISO standard provides information on information security management system requirements?

Answer 71

ISO 27001

Question 72

Which ISO standard is a compliment to ISO 27001 and And provides organizations with best practice guidance?

Answer 72

ISO 27002

Question 73

Which ISO standard is an extension to ISO 27001 and ISO 27002 and outlines a framework for managing and protecting PII?

Answer 73

ISO 27701

Question 74

Which ISO standard is a family of standards related to risk management and provides a guideline that organizations can adopt?

Answer 74

ISO 31000

Question 75

What is the NIST framework that has seven steps to identify mitigate risks and is adopted by the US federal government?

Answer 75

Risk management framework RMF

Question 76

What is the NIST framework that aligns with RMF and has three components to improve prevention, detection, and response to cyber attacks?

Answer 76

NIST cyber security framework CSF

Question 77

In cyber security, what is a document or set of documents that provides a set of standards?

Answer 77

Reference architecture

Question 78

What is a formal evaluation of an organizations, policies, procedures, and operations and the world of cyber security these confirmed that the organization has put security controls in place that are adequate and effective and protecting critical assets? And what is the outcome of an audit called?

Answer 78

Audits…attestation

Question 79

What are less formal review of an organization cyber security defenses?

Answer 79

Assessments

Question 80

What is a type of assessment where the reviewer takes a standard and then compares the requirements in that standard to the organizations normal operation?

Answer 80

Gap analysis