Chapter 15 Flashcards
What provides an important mechanism for validating the ongoing effectiveness of security controls?
Security Assessment and Testing Program
What uses automated tools to search for known vulnerabilities in systems, applications, and networks?
Vulnerability Assessments
What takes the results of test inputs from penetration testing and vulnerability assessments and implements a risk management process?
Vulnerability Management
What uses a peer review process to formally or informally validate code before deploying it in production?
Code Review
What evaluates the security of software without running it by analyzing either the source code or compiled application?
Static Software Testing
What evaluates the security of software in a runtime environment and is often the only option for organizations deploying applications written by someone else?
Dynamic Software Testing
What uses modified inputs to test software performance under unexpected circumstances?
Fuzzing
What modifies known inputs to generate synthetic inputs that may trigger unexpected behavior?
Mutation Fuzzing
What develops inputs based on models of expected inputs to perform the same task?
Generational Fuzzing
What occurs when a third party performs an assessment of the security controls protecting an organization's information assets?
Security Audits
What are performed by an organization's internal staff and are intended for management use?
Internal Audits
What SOC engagement assesses the organization's controls that might impact the accuracy of financial reporting?
SOC 1 Engagement
What SOC engagement assesses the organization's controls that affect the security (confidentiality, integrity, and availability) and privacy of information stored in a system?
SOC 2 Engagements
What SOC engagement assesses the organization's controls that affect the security (confidentiality, integrity, and availability) and privacy of information stored in a system, but whose audit results are intended for public disclosure?
SOC 3 Engagement
What report type focuses on the auditor's opinion based on the description provided by management and the suitability of the design of the controls, and covers only a specific point in time?
Type I
What report type focuses on the auditor's opinion on the operating effectiveness of the controls, and covers an extended period of time, such as 6 months?
Type II
What describes a standard approach for setting up an information security management system, and goes into more detail on the specifics of information security controls?
ISO 27002
What is a common framework for conducting audits and assessments?
COBIT
What are the components of SCAP most directly related to vulnerability assessment?
CVE
CVSS
CCE
CPE
XCCDF
OVAL
What provides a naming system for describing security vulnerabilities?
CVE
What provides a standardized scoring system for describing the severity of security vulnerabilities?
CVSS
What provides a naming system for system configuration issues?
CCE
What provides a naming system for operating systems, applications, and devices?
CPE
What provides a language for specifying security checklists?
XCCDF
What provides a language for describing security testing procedures?
OVAL
What provides a common language for describing and evaluating vulnerabilities and facilitates the automation of interactions between different security systems?
SCAP
What automatically probes systems, applications, and networks, looking for weaknesses that may be exploited by an attacker?
Vulnerability Scans
What are the four main categories of vulnerability scans?
Network discovery scans
Network vulnerability scans
Web application vulnerability scans
Database vulnerability scans
What uses a variety of techniques to scan a range of IP addresses, searching for systems with open network ports?
Network discovery scans
What scanners do not actually probe systems for vulnerabilities but provide a report showing the systems detected on a network and the list of ports that are exposed through the network and server firewalls?
Network discovery scans
What are some common network discovery scan techniques?
TCP SYN Scanning
TCP Connect Scanning
TCP ACK Scanning
UDP Scanning
Xmas Scanning
What scanning technique sends a packet with the FIN, PSH, and URG flags set?
Xmas
What scanning technique performs a scan of the remote system using the UDP protocol, checking for active UDP services?
UDP Scan
What scanning technique sends a packet with the ACK flag set, indicating that it is part of an open connection?
TCP ACK
What scanning technique may be done in an attempt to determine the rules enforced by a firewall and the firewall methodology?
TCP ACK
What scanning technique is used when the user running the scan does not have the necessary permissions to run a half-open scan?
TCP Connect
What scanning technique sends a single packet to each scanned port with the SYN flag set?
TCP SYN
What, when it scans a system, identifies the current state of each network port on the system and, for each port where it detects a result, reports the current status of that port?
Nmap
What command lists all active network connections on a system as well as those ports that are open and awaiting new connections?
Netstat
What approach is being used when a vulnerability scanner has read-only access to the servers being scanned and can use this access to read configuration information from the target system and use that information when analyzing vulnerability testing results?
Authenticated scans
What is a commonly used open source database vulnerability scanner that allows security administrators to probe web applications for database vulnerabilities?
Sqlmap
What are the four phases of penetration testing described by NIST?
Planning
Information Gathering and Discovery
Attack
Reporting
What uses a scripting language to allow the automatic execution of common attacks, saving testers (and hackers!) quite a bit of time by eliminating many of the tedious, routine steps involved in executing an attack?
Metasploit Framework
What are the six steps of the Fagan inspection?
Planning
Overview
Preparation
Inspection
Rework
Follow up
What evaluates the security of software without running it by analyzing either the source code or the compiled application?
SAST
What represents the use of web application scanning tools to detect the presence of cross-site scripting, SQL injection, or other flaws in web applications?
DAST
What tool automates the process of mutation fuzzing by manipulating input according to user specifications?
Zzuf
What is used to estimate the degree of testing conducted against the new software?
Test coverage analysis
What logs provide records of the connections between systems and the amount of data transferred?
Netflow
What are key performance and risk indicators that managers should check for in the organization?
Number of open vulnerabilities
Time to resolve vulnerabilities
Vulnerability/defect recurrence
Number of compromised accounts
Number of software flaws detected in preproduction scanning
Repeat audit findings
User attempts to visit known malicious sites