Module 1: Vulnerability Response Overview

Question 1

What is focused on the triage exposure of VR which includes the identification, validation, and prioritization of the vulnerabilities for the organization?

Answer 1

Security Operations

Question 2

Who focuses on coordinating workflows to remediate or fix the risk by assigning tasks, managing workflow, and remediating the vulnerability?

Answer 2

IT Operations team

Question 3

_______________________ covers the proactive activities.

Answer 3

Vulnerability Response

Question 4

_______________________ covers the reactive activities.

Answer 4

Security Incident Response

Question 5

What simplifies the process of identifying critical incidents by applying powerful workflows and automation tools that speed up remediation?

Answer 5

Security Incident Response

Question 6

How many VR application menus are there?

Answer 6

6

Question 7

What are the different VR application menus?

Answer 7

Vulnerability Response
Application Vulnerability Response
Container Vulnerability Response
Configuration Compliance
Security Operations
Scanner Menus

Question 8

ServiceNow’s Vulnerability Response application manages which of the following vulnerabilities? (Select 4)
a. Infrastructure
b. Cloud
c. Application
d. Configuration
e. Containerized Application
f. Compliance

Answer 8

ABCE

Question 9

What does IVR stand for?

Answer 9

Infrastructure Vulnerability Response

Question 10

What is Infrastructure Vulnerability Reponse (IVR)?

Answer 10

Manages vulnerabilities on networked assets including servers and network devices

Question 11

What does AVR stand for?

Answer 11

Application Vulnerability Response

Question 12

What is Application Vulnerability Response (AVR)?

Answer 12

Manages vulnerabilities on custom-developed applications

Question 13

What is Vulnerability Response?

Answer 13

The process of identifying, classifying, and prioritizing vulnerabilities, as well as, deciding upon an appropriate response (remediate vs. no remediation)

Question 14

Although vulnerabilities are flaws that affects business assets, this vulnerability must itself be exploited by a _____________.

Answer 14

Threat

Question 15

T/F: The core vulnerability response application includes application menus for both host vulnerability response and application vulnerability response

Answer 15

True

Question 16

What does CVR stand for?

Answer 16

Container Vulnerability Response

Question 17

What is Container Vulnerability Response (CVR)?

Answer 17

Manages vulnerabilities on applications developed and deployed via containers

Question 18

What is Configuration Compliance?

Answer 18

Manages vulnerabilities on misconfigured software via tests

Question 19

What manages vulnerabilities on OT assets at the site level?

Answer 19

Operational Technology Vulnerability Response (OTVR)

Question 20

What are defined within ServiceNow to help organize all the noise generated by Vulnerability integrations?

Answer 20

Automation rules

Question 21

What can be used to automate actions such as patching, making configuration changes, or sending requests to security products, such as blocking an IP in the firewall?

Answer 21

Orchestration tools

Question 22

What core application are included with VR?

Answer 22

Vulnerability Response
Security Support Common
Security Integration Framework
Security Support Orchestration

Question 23

What application allows security users to compare security data pulled from internal and external sources and, if CIs or software are found to be vulnerable, changes and security incidents can be created using Remediation Tasks?

Answer 23

Vulnerability Response [sn_vul]

Question 24

What application enables common functionality including integrations, email processing, filter groups, security tags, workflows, and more?

Answer 24

Security Support Common [sn_sec_cmn]

Question 25

What application enables core orchestration used by Security Operations applications?

Answer 25

Security Support Orchestration [sn_sec_cmn_orch]

Question 26

What application enables common functionality for Security Operations integrations?

Answer 26

Security Integration Framework [sn_sec_int]

Question 27

What applications are supplement to the Core?

Answer 27

Configuration Compliance
Container Vulnerability Response
Vulnerability Solution Management
Performance Analytics for Vulnerability Response

Question 28

What ServiceNow application is a Secure Configuration Assessment (SCA) application that aggregates scan results from integrations with third-party configuration scanning applications?

Answer 28

Configuration Compliance [sn_vulc]

Question 29

What tightly integrates with the IT Change Management process to remediate your non-compliant configurations?

Answer 29

Configuration Compliance [sn_vulc]

Question 30

What application imports recommendations and solutions from third-party software to help you remediate vulnerabilities?

Answer 30

Vulnerability Solution Management [sn_vul_solution]

Question 31

What table is associated with Container Vulnerability Response?

Answer 31

[sn_vulc_container]

Question 32

What table is associated with Performance Analytics for Vulnerability Response?

Answer 32

[sn_vul_analytics]

Question 33

What two workspaces are shipped with Vulnerability Reponse?

Answer 33

Vulnerability Manager Workspace
IT Remediation Workspace

Question 34

How many tables are in the Vulnerability scope?

Answer 34

~140

Question 35

How many tables are in the Security Support Common scope?

Answer 35

98

Question 36

What is the table for Remediation Tasks?

Answer 36

[sn_vul_vulnerability]

Question 37

What are configuration records that extend application functionality?

Answer 37

Application Files

Question 38

How many Script Includes are in the Vulnerability application scope?

Answer 38

~130

Question 39

What is the Configuration Compliance table?

Answer 39

[sn_vulc]

Question 40

What provide a level of control and protection for access, data modification, and API definition that’s incorporated into the architecture from the start?

Answer 40

Scoped Applications

Question 41

What role is required to assign users to the Application Vulnerability Response default user groups, using the User Administration module?

Answer 41

system admin [admin]

Question 42

What are the four OOTB user persona groups associated with Container Vulnerability Response?

Answer 42

Container Remediation Owner
Container False Positive Approver
Container Exception Approver - Level 1
Container Exception Approver - Level 2

Question 43

What are vulnerabilities?

Answer 43

Weaknesses that are targeted by attackers to compromise and/or infiltrate a system and further reduce its security posture.

Question 44

If a device found by the scanner cannot be matched to a CI in the CMDB, what happens?

Answer 44

A temporary CI is created

Question 45

A Vulnerable Item is created from the ___________ record

Answer 45

Scanner

Question 46

Vulnerable Item records might be enriched by data from what integrations?

Answer 46

Shodan
Microsoft Security Response Center
Red Hat Solution Integration

Question 47

What is Common Weakness Enumeration (CWE)?

Answer 47

A universal online dictionary of weaknesses (flaws) that have been found in code, design, or system architecture.

Question 48

What are Common Vulnerabilities and Exposures (CVE)?

Answer 48

A catalog of known security threats that are divided into two categories: vulnerabilities and exposures

Question 49

What is the National Vulnerability Database (NVD)?

Answer 49

A repository of standards-based vulnerability information including a list of CVEs.