Chapter 5 - Program Management and Oversight Flashcards

1
Q

Vulnerability Management

A

Identifying, prioritizing, and remediating vulnerabilities in our environment.

2
Q

Vulnerability Scanning

A

Detecting new vulnerabilities as they arise.

3
Q

Asset Inventory

A

A list of all connected systems on a network.

4
Q

Risk Appetite

A

An organization’s willingness to tolerate risk within the environment.

5
Q

Regulatory Requirements

A

Requirements imposed by the government or corporate policy that dictate how often a vulnerability scan should occur.

6
Q

Credentialed Scanning

A

Allows the vulnerability scanner to authenticate with target systems so that its detection capabilities are extended.

7
Q

Agent-Based Scanning

A

Agent-Based Scanning involves installing small software agents on each target server. These agents will themselves perform a vulnerability scan from the “inside-out” and then report this information back to the vulnerability management system.

8
Q

Scan Perspectives

A

Each scan perspective conducts a vulnerability scan from a different location on the network (internet, internal workspace, data center, etc.).

9
Q

What are the three main techniques for Application Testing?

A
  1. Static Testing (analyzing code without executing it)
  2. Dynamic Testing (running all the interfaces that the code exposes to the user with a variety of inputs)
  3. Interactive Testing (analyzing the source code while testers interact with the application)
10
Q

Common Vulnerability Scoring System (CVSS)

A

The Common Vulnerability Scoring System is an industry standard for assessing the severity of security vulnerabilities. This score is a number between 0 and 10 that is based on eight different measures.

11
Q

What are the eight metrics used by the Common Vulnerability Scoring System?

A
  1. Attack Vector
  2. Attack Complexity
  3. Privileges Required
  4. User Interaction
  5. Confidentiality
  6. Integrity
  7. Availability
  8. Scope
12
Q

Patch Management

A

A Patch Management program involves the routine patching of security issues/flaws.

13
Q

Legacy Platforms

A

A Legacy Platform is a system that is no longer receiving support from the original vendor. This means that the vendor will not investigate or correct any security flaws that arise in the product.

14
Q

Weak Configurations

A

Weak Configuration settings on systems, applications and devices can jeopardize security. Some examples include default settings, default credentials, unnecessary open ports and open permissions.

15
Q

How can error messages be used by attackers?

A

Forgetting to disable debug mode/error messages on public-facing systems can allow attackers to retrieve information about the internal structure of a system/application.

16
Q

Insecure Protocols

A

Insecure Protocols used on older networks often failed to use encryption and would commonly send data in the clear. Some examples of insecure protocols are Telnet and FTP.

17
Q

Penetration Testing

A

Penetration Tests are authorized, legal attempts to defeat an organization’s security controls and perform unauthorized activities.

18
Q

Threat Hunting

A

Threat Hunters use the attacker mindset to search the organization’s technology infrastructure for the artifacts of a successful attack.

19
Q

What are the four types of penetration tests?

A
  1. Physical
  2. Offensive
  3. Defensive
  4. Integrated (collaboration between offensive and defensive experts)
20
Q

What are the three classification types for how much knowledge a penetration tester may have about an environment?

A
  1. Known environment
  2. Unknown environment
  3. Partially known environment
21
Q

What are some of the common Rules of Engagement for a penetration test?

A
  1. Timeline
  2. Locations, systems, applications or other potential targets
  3. Data handling requirements
  4. Behaviors (to expect from the target)
  5. Resources to be committed to the test
  6. Legal concerns
  7. When and how communications will occur
22
Q

Passive Reconnaissance

A

Passive Reconnaissance techniques seek to gather information without directly engaging with the target. Some examples of Passive Reconnaissance include performing lookups of domain information (DNS or WHOIS), performing web searches, or reviewing public websites.

23
Q

Active Reconnaissance

A

Active Reconnaissance techniques directly engage the target in intelligence gathering. Some examples of Active Reconnaissance include port scanning, footprinting, and vulnerability scanning.

24
Q

Initial Access

A

Initial Access refers to when a hacker exploits a vulnerability to gain access to an organization’s network.

25
Q

Privilege Escalation

A

Privilege Escalation uses hacking techniques to shift from the initial access gained by the attacker to more advanced privileges, such as root access on the same system.

26
Q

Pivoting/Lateral Movement

A

Pivoting/Lateral Movement occurs as the attacker uses the initial system compromise to gain access to other systems on the target network.

27
Q

Persistence

A

Persistence, in the context of an attack, refers to when hackers install a backdoor that will allow them to regain access to the network at a later date, even if the original vulnerability is patched.

28
Q

Security Tests

A

Security Tests verify that a control is functioning properly. These tests include automated scans, tool-assisted penetration tests, and manual attempts to undermine security.

29
Q

Security Assessments

A

Security Assessments are comprehensive reviews of the security of a system, application, or other tested environment. During a Security Assessment, a trained information security professional performs a risk assessment that identifies vulnerabilities in the tested environment that may allow a compromise and makes recommendations for remediation, as needed.

30
Q

Security Audits

A

Security Audits use many of the same techniques followed during security assessments but must be performed by independent auditors. Auditors provide an impartial, unbiased view of the state of security controls.

31
Q

Attestation

A

An attestation is a formal statement that the auditors have reviewed the controls and found that they are both adequate to meet the control objectives and working properly.

32
Q

Control Objectives for Information and related Technologies (COBIT)

A

COBIT is a common framework for conducting audits and assessments. COBIT describes the common requirements that organizations should have in place surrounding their information systems.