Chapter 5 - Program Management and Oversight Flashcards
Vulnerability Management
Identifying, prioritizing, and remediating vulnerabilities in our environment.
Vulnerability Scanning
Detecting new vulnerabilities as they arise.
Asset Inventory
A list of all connected systems on a network.
Risk Appetite
An organization’s willingness to tolerate risk within the environment.
Regulatory Requirements
Requirements imposed by the government or corporate policy that dictate how often a vulnerability scan should occur.
Credentialed Scanning
Allows the vulnerability scanner to authenticate with target systems so that its detection capabilities are extended.
Agent-Based Scanning
Agent-Based Scanning involves installing small software agents on each target server. These agents will themselves perform a vulnerability scan from the “inside-out” and then report this information back to the vulnerability management system.
Scan Perspectives
Each scan perspective conducts a vulnerability scan from a different location on the network (internet, internal workspace, data center, etc.).
What are the three main techniques for Application Testing?
- Static Testing (analyzing code without executing it)
- Dynamic Testing (running all the interfaces that the code exposes to the user with a variety of inputs)
- Interactive Testing (analyzing the source code while testers interact with the application)
Common Vulnerability Scoring System (CVSS)
The Common Vulnerability Scoring System is an industry standard for assessing the severity of security vulnerabilities. This score is a number between 0 and 10 that is based on eight different measures.
What are the eight metrics used by the Common Vulnerability Scoring System?
- Attack Vector
- Attack Complexity
- Privileges Required
- User Interaction
- Confidentiality
- Integrity
- Availability
- Scope
Patch Management
A Patch Management program involves the routine patching of security issues/flaws.
Legacy Platforms
A Legacy Platform is a system that is no longer receiving support from the original vendor. This means that the vendor will not investigate or correct any security flaws that arise in the product.
Weak Configurations
Weak Configuration settings on systems, applications and devices can jeopardize security. Some examples include default settings, default credentials, unnecessary open ports and open permissions.
How can error messages be used by attackers
Forgetting to disable debug mode/error messages on public-facing systems can allow attackers to retrieve information about the internal structure of a system/application.