Lesson 8 - Vulnerability Management Flashcards

1
Q

SMB

A

Server Message Block
- a client-server communication protocol that allows computers on a network to share files, printers, and other resources

2
Q

RCE

A

Remote Code Execution
- an attack in which an attacker runs malicious code on an organization’s network

3
Q

EOL

A

End-of-Life
- a specific product or version of a product that the manufacturer or vendor has publicly declared as no longer supported

4
Q

UEFI

A

Unified Extensible Firmware Interface
- a specification for the firmware architecture of a computing platform.

5
Q

KRACK

A

Key Reinstallation Attacks
- a type of on-path attack that exploits a vulnerability in protected WiFi, resulting in data breaches.

6
Q

BEAST

A

Browser Exploit Against SSL/TLS
- a vulnerability that exists in all cipher block chaining (CBC) ciphers in SSL v3/TLS 1.0 and earlier versions

7
Q

POODLE

A

Padding Oracle On Downgraded Legacy Encryption
- a security vulnerability that exploits the fallback to SSL 3.0, allowing attackers to decrypt network traffic by forcing browsers to downgrade to the vulnerable protocol.

8
Q

TOCTOU

A

Time-of-Check to Time-of-Use
- refers to a vulnerability that arises when a system checks the state of a resource and then uses that resource, but the resource’s state changes between the check and the use, leading to unexpected or incorrect actions.

9
Q

ASLR

A

Address Space Layout Randomization
- a cybersecurity technique that randomizes the memory addresses of a process and its libraries, making it harder for attackers to exploit memory corruption vulnerabilities like buffer overflows

10
Q

DEP

A

Data Execution Prevention
- a Microsoft security feature that monitors and protects certain pages or regions of memory, preventing them from executing (usually malicious) code.

11
Q

XSS

A

Cross-Site Scripting
- A malicious script hosted on the attacker’s site or coded in a link injected onto a trusted site designed to compromise clients browsing the trusted site, circumventing the browser’s security model of trusted zones.

12
Q

DOM

A

Domain Object Model

13
Q

SQLi

A

SQL Injection
- An attack that injects a database query into the input data directed at a server by accessing the client side of the application.

14
Q

CASB

A

Cloud Access Security Broker
- Enterprise management software designed to mediate access to cloud services by users across all types of devices.

15
Q

SBOM

A

Software Bill of Materials
- a comprehensive inventory of all components in a software product.

16
Q

SCA

A

Software Composition Analysis
- a cybersecurity process that identifies and manages open-source components within software applications, detecting vulnerabilities, license compliance issues, and outdated libraries to mitigate risks and maintain security.

17
Q

SPDX

A

Software Package Data Exchange
- an open standard for communicating Software Bill of Materials (SBOM) data; it plays a crucial role in cybersecurity by enabling organizations to identify, manage, and mitigate risks associated with software supply chains, including licensing and security vulnerabilities.

18
Q

SCA

A

Software Composition Analysis
- Tools designed to assist with identification of third-party and open-source code during software development and deployment.

19
Q

NVD

A

National Vulnerability Database
- a U.S. government repository of publicly disclosed cybersecurity vulnerabilities, maintained by the National Institute of Standards and Technology (NIST), serving as a central resource for vulnerability information and aiding in cybersecurity efforts.

20
Q

OTX

A

Online Threat Exchange
- a free, crowd-sourced cybersecurity platform, developed by AlienVault (now AT&T Cybersecurity), that enables security professionals to share and collaborate on threat intelligence, including Indicators of Compromise (IOCs), to enhance cybersecurity across the community.

21
Q

CTI

A

Cyber Threat Intelligence
- The process of investigating, collecting, analyzing, and disseminating information about emerging threats and threat sources.

22
Q

TTP

A

Tactics, Techniques and Procedures
- Analysis of historical cyberattacks and adversary actions.

23
Q

ISAC

A

Information Sharing and Analysis Centers
- A not-for-profit group set up to share sector-specific threat intelligence and security best practices among its members.

24
Q

OSINT

A

Open-Source Intelligence
- Publicly available information plus the tools used to aggregate and search it.

25
Q

VNT

A

Network Vulnerability Tests
- A synchronizable list of data and scripts used to check for vulnerabilities.

26
Q

NVD

A

National Vulnerability Database
- repository maintained by the National Institute of Standards and Technology (NIST) that provides detailed information about known software vulnerabilities, including vulnerability descriptions, severity ratings, affected software versions, and mitigation measures

27
Q

SCAP

A

Security Content Automation Protocol
- A NIST framework that outlines various accepted practices for automating vulnerability scanning.

28
Q

CVE

A

Common Vulnerabilities and Exposures
- A scheme for identifying vulnerabilities developed by MITRE and adopted by NIST.

29
Q

CVSS

A

Common Vulnerability Scoring System
- A risk management approach to quantifying vulnerability data and then taking into account the degree of risk to different types of systems or information.

30
Q

FIRST

A

Forum of Incident Response and Security Teams
- the organization that maintains the CVSS

31
Q

EF

A

Exposure Factor
- In risk calculation, the percentage of an asset’s value that would be lost during a security incident or disaster scenario.