Module 1: Vulnerability Response Overview Flashcards

1
Q

What is focused on the triage exposure of VR which includes the identification, validation, and prioritization of the vulnerabilities for the organization?

A

Security Operations

2
Q

Who focuses on coordinating workflows to remediate or fix the risk by assigning tasks, managing workflow, and remediating the vulnerability?

A

IT Operations team

3
Q

_______________________ covers the proactive activities.

A

Vulnerability Response

4
Q

_______________________ covers the reactive activities.

A

Security Incident Response

5
Q

What simplifies the process of identifying critical incidents by applying powerful workflows and automation tools that speed up remediation?

A

Security Incident Response

6
Q

How many VR application menus are there?

A

6

7
Q

What are the different VR application menus?

A

Vulnerability Response
Application Vulnerability Response
Container Vulnerability Response
Configuration Compliance
Security Operations
Scanner Menus

8
Q

ServiceNow’s Vulnerability Response application manages which of the following vulnerabilities? (Select 4)
a. Infrastructure
b. Cloud
c. Application
d. Configuration
e. Containerized Application
f. Compliance

A

ABCE

9
Q

What does IVR stand for?

A

Infrastructure Vulnerability Response

10
Q

What is Infrastructure Vulnerability Response (IVR)?

A

Manages vulnerabilities on networked assets including servers and network devices

11
Q

What does AVR stand for?

A

Application Vulnerability Response

12
Q

What is Application Vulnerability Response (AVR)?

A

Manages vulnerabilities on custom-developed applications

13
Q

What is Vulnerability Response?

A

The process of identifying, classifying, and prioritizing vulnerabilities, as well as deciding upon an appropriate response (remediate vs. no remediation)

14
Q

Although vulnerabilities are flaws that affect business assets, a vulnerability must itself be exploited by a _____________.

A

Threat

15
Q

T/F: The core vulnerability response application includes application menus for both host vulnerability response and application vulnerability response

A

True

16
Q

What does CVR stand for?

A

Container Vulnerability Response

17
Q

What is Container Vulnerability Response (CVR)?

A

Manages vulnerabilities on applications developed and deployed via containers

18
Q

What is Configuration Compliance?

A

Manages vulnerabilities on misconfigured software via tests

19
Q

What manages vulnerabilities on OT assets at the site level?

A

Operational Technology Vulnerability Response (OTVR)

20
Q

What are defined within ServiceNow to help organize all the noise generated by Vulnerability integrations?

A

Automation rules

21
Q

What can be used to automate actions such as patching, making configuration changes, or sending requests to security products, such as blocking an IP in the firewall?

A

Orchestration tools

22
Q

What core applications are included with VR?

A

Vulnerability Response
Security Support Common
Security Integration Framework
Security Support Orchestration

23
Q

What application allows security users to compare security data pulled from internal and external sources and, if CIs or software are found to be vulnerable, changes and security incidents can be created using Remediation Tasks?

A

Vulnerability Response [sn_vul]

24
Q

What application enables common functionality including integrations, email processing, filter groups, security tags, workflows, and more?

A

Security Support Common [sn_sec_cmn]

25
Q

What application enables core orchestration used by Security Operations applications?

A

Security Support Orchestration [sn_sec_cmn_orch]

26
Q

What application enables common functionality for Security Operations integrations?

A

Security Integration Framework [sn_sec_int]

27
Q

What applications supplement the Core?

A

Configuration Compliance
Container Vulnerability Response
Vulnerability Solution Management
Performance Analytics for Vulnerability Response

28
Q

What ServiceNow application is a Secure Configuration Assessment (SCA) application that aggregates scan results from integrations with third-party configuration scanning applications?

A

Configuration Compliance [sn_vulc]

29
Q

What tightly integrates with the IT Change Management process to remediate your non-compliant configurations?

A

Configuration Compliance [sn_vulc]

30
Q

What application imports recommendations and solutions from third-party software to help you remediate vulnerabilities?

A

Vulnerability Solution Management [sn_vul_solution]

31
Q

What table is associated with Container Vulnerability Response?

A

[sn_vulc_container]

32
Q

What table is associated with Performance Analytics for Vulnerability Response?

A

[sn_vul_analytics]

33
Q

What two workspaces are shipped with Vulnerability Response?

A

Vulnerability Manager Workspace
IT Remediation Workspace

34
Q

How many tables are in the Vulnerability scope?

A

~140

35
Q

How many tables are in the Security Support Common scope?

A

98

36
Q

What is the table for Remediation Tasks?

A

[sn_vul_vulnerability]

37
Q

What are configuration records that extend application functionality?

A

Application Files

38
Q

How many Script Includes are in the Vulnerability application scope?

A

~130

39
Q

What is the Configuration Compliance table?

A

[sn_vulc]

40
Q

What provide a level of control and protection for access, data modification, and API definition that’s incorporated into the architecture from the start?

A

Scoped Applications

41
Q

What role is required to assign users to the Application Vulnerability Response default user groups, using the User Administration module?

A

system admin [admin]

42
Q

What are the four OOTB user persona groups associated with Container Vulnerability Response?

A

Container Remediation Owner
Container False Positive Approver
Container Exception Approver - Level 1
Container Exception Approver - Level 2

43
Q

What are vulnerabilities?

A

Weaknesses that are targeted by attackers to compromise and/or infiltrate a system and further reduce its security posture.

44
Q

If a device found by the scanner cannot be matched to a CI in the CMDB, what happens?

A

A temporary CI is created

45
Q

A Vulnerable Item is created from the ___________ record

A

Scanner

46
Q

Vulnerable Item records might be enriched by data from what integrations?

A

Shodan
Microsoft Security Response Center
Red Hat Solution Integration

47
Q

What is Common Weakness Enumeration (CWE)?

A

A universal online dictionary of weaknesses (flaws) that have been found in code, design, or system architecture.

48
Q

What are Common Vulnerabilities and Exposures (CVE)?

A

A catalog of known security threats that are divided into two categories: vulnerabilities and exposures

49
Q

What is the National Vulnerability Database (NVD)?

A

A repository of standards-based vulnerability information including a list of CVEs.