Module 5

Question 1

define vulnerability assessment

Answer 1

the process of identifying, quantifying and prioritizing (or ranking) the security issues (vulnerabilities) in a system or network

Question 2

3 items every organization needs to perform

Answer 2

• • risk assessment
• • vulnerability assessment
• • penetration testing

Question 3

what is a vulnerability

Answer 3

weakness or other issues that create a risk if exploited

Question 4

4 ways to address risk - out of ISO 270001

Answer 4

• • eliminate the risk
• • reduce the risk to an acceptable level (mitigate)
• • transfer the risk to a third party - (insurance)
• • accept the risk

Question 5

what is the main objective of a pen test

Answer 5

the main objective of pet testing is to determine security weaknesses

Question 6

what is the primary goal of an external pen test

Answer 6

to gain unauthorized elevated access to an externally accessible system

Question 7

what is a secondary goal of an external pen test

Answer 7

to gain unauthorized access to other systems utilizing the primary goal system

Question 8

2 goals to web app pen testing

Answer 8

1. gain anonymous access to authenticated sections of the application
2. gain access to other client data within the application

Question 9

vulnerability scans - how often

Answer 9

run internal and external scans at least quarterly and after significant changes in the network (new system components, changes in network topology, firewall rule modifications, product upgrades).

Question 10

pen testing goals

Answer 10

• • determine whether and how a malicious user can gain unauthorized access
• • to confirm the applicable controls are in place
• • identify ways to exploit vulnerabilities to circumvent or defeat the security features of system components

Question 11

what to do after a vulnerability test

Answer 11

correct any vulnerabilities found. testing is repeated to verify corrections.

Question 12

change-detection mechanism – what does it do

Answer 12

• – alert personnel to unauthorized modifications of critical system files, configuration files or content files.
• – configure this software to perform the actions at least weekly

Question 13

4 steps to risk assessment process

Answer 13

1. prepare for assessment
2. conduct assessment
3. communicate results to senior leadership
4. maintain assessment

Question 14

define vulnerability assessment

Answer 14

process of identifying, quantifying and prioritizing (or ranking) the security issues (vulnerabilities) in a system or network

Question 15

how often should you do internal pen testing

Answer 15

at least annually and after any significant infrastructure or application upgrade or modification

Question 16

what actions must be done once you find exploitable vulnerabilities found during pen test

Answer 16

• • they must be reviewed and corrected

- - testing should be repeated to verify corrections

Question 17

when placing IDS/IPS where are ideal locations to place these nodes

Answer 17

• • at the perimeter of the sensitive data environment

- - at critical points in the sensitive data environment

Question 18

change detection is for what

Answer 18

to alert personnel to unauthorized modifications of critical systems files, configuration files, or content files.

Question 19

how often should change detection perform critical file comparisons

Answer 19

at least weekly

Question 20

review firewall configurations how often

Answer 20

at least every 6 months

Question 21

identify the tool used for change-detection

Answer 21

file-integrity monitoring (FIM)

Question 22

who is responsible for the protection of individual assets and sensitive information

Answer 22

information security officer (ISO)