Brainscape's Knowledge GenomeTM


Top Flashcards (Certified)
All Flashcards

Sec+ > Chapter 5 > Flashcards

Chapter 5 Flashcards

1
Q

Vulnerability Management Program

A

A program that plays a crucial role in identifying, prioritizing, and remediating vulnerabilities in our environment.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Static Testing

A

Analyzes code without executing it.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Dynamic Testing

A

Executes code as part of the test, running all the interface that the code exposes to the user with a variety of inputs, searching for vulnerabilities.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Interactive Testing

A

Combines static and dynamic testing, analyzing the source code while testers interact with the application through exposed interfaces.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

CVSS (Common Vulnerability Scoring System)

A

An industry standard for assessing the severity of security vulnerabilities.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Attack Vector

A

How an attacker would exploit the vulnerability.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Attack Complexity

A

Describes the difficulty of exploiting the vulnerability.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Privileges Required Metric

A

Describes the type of account access that an attacker would need to exploit a vulnerability.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

User Interaction Metric

A

Describes whether an attack needs to involve another human in the attack.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Confidentiality Metric

A

The type of information disclosure that might occur if an attacker successfully exploits a vulnerability.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Integrity Metric

A

Describes the type of information alteration that might occurs from a successful exploit.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Availability Metric

A

Describes the type of disruption that might occur if an attacker is successful.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Scope Metric

A

Describes whether the vulnerability can affect system components beyond the scope of the vulnerability.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

SIEM (Security Information and Event Management)

A

Systems that correlate log entries from multiple sources and provide actionable intelligence.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

White-box Test

A

Tests performed with full knowledge of the underlying technology, configurations, and settings that make up the target.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Black-box Test

A

Tests intended to replicate what an attacker would encounter.

17
Q

Gray-box Test

A

Tests that are a blend of white-box and black-box tests.

18
Q

Privilege Escalation

A

A hacking technique used to gain more advanced privileges after gaining access to a system.

19
Q

Pivoting

A

Gaining access to another system after breaking into the initial system.

Sec+ (18 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2025 Bold Learning Solutions. Terms and Conditions