Module 1: Vulnerability Response Overview Flashcards
What is focused on the triage exposure of VR which includes the identification, validation, and prioritization of the vulnerabilities for the organization?
Security Operations
Who focuses on coordinating workflows to remediate or fix the risk by assigning tasks, managing workflow, and remediating the vulnerability?
IT Operations team
_______________________ covers the proactive activities.
Vulnerability Response
_______________________ covers the reactive activities.
Security Incident Response
What simplifies the process of identifying critical incidents by applying powerful workflows and automation tools that speed up remediation?
Security Incident Response
How many VR application menus are there?
6
What are the different VR application menus?
Vulnerability Response
Application Vulnerability Response
Container Vulnerability Response
Configuration Compliance
Security Operations
Scanner Menus
ServiceNow’s Vulnerability Response application manages which of the following vulnerabilities? (Select 4)
a. Infrastructure
b. Cloud
c. Application
d. Configuration
e. Containerized Application
f. Compliance
ABCE
What does IVR stand for?
Infrastructure Vulnerability Response
What is Infrastructure Vulnerability Reponse (IVR)?
Manages vulnerabilities on networked assets including servers and network devices
What does AVR stand for?
Application Vulnerability Response
What is Application Vulnerability Response (AVR)?
Manages vulnerabilities on custom-developed applications
What is Vulnerability Response?
The process of identifying, classifying, and prioritizing vulnerabilities, as well as, deciding upon an appropriate response (remediate vs. no remediation)
Although vulnerabilities are flaws that affects business assets, this vulnerability must itself be exploited by a _____________.
Threat
T/F: The core vulnerability response application includes application menus for both host vulnerability response and application vulnerability response
True
What does CVR stand for?
Container Vulnerability Response
What is Container Vulnerability Response (CVR)?
Manages vulnerabilities on applications developed and deployed via containers
What is Configuration Compliance?
Manages vulnerabilities on misconfigured software via tests
What manages vulnerabilities on OT assets at the site level?
Operational Technology Vulnerability Response (OTVR)