Module 5 - Vulnerability Analysis Flashcards
Vulnerability Assessment Concepts:
A system that is configured to stardard that I create an image of and use it to compare all other systems on the network.
Baseline
Vulnerability Assessment Solutions:
Find a way to get the job done with out costing additional money or extra steps.
Workarounds
Vulnerability Accessment Concepts:
An examination of the ability of a system or application, including current security procedures and controls, to withstand assault.
a. Active Assessment
b. Vulnerability Assessment
c. Network Assessment
d. Application Assessment
b. Vulnerability Assessment
Vulnerability Scoring Systems:
- Is a publicly available and free to use list of dictionary of starndardized identifiers for common software vulnerabilities and exposures.
- A basis for evaluation among services, tools, and databases.
a. CVE (Common Vulnerabilities and Exposures)
b. CVAS (Common Vulnerability Assessment Solutions)
c. CVAT (Common Vulnerability Assessment Tools)
a. CVE (Common Vulnerabilities and Exposures)
Vulnerability Assessment Tools:
Lets administrators scan local and remote systems for missing security updates as well as common security misconfigurations.
a. Qualys FreeScan
b. Nikto
c. SAINT
d. MBSA (Microsoft Baseline Security Analyzer)
d. MBSA (Microsoft Baseline Security Analyzer)
Vulnerability Scoring Systems:
All of the following are severity levels of CVSS v3.0 except: (Choose 2)
a. Low
b. High
c. Critical
d. None
e. Medium
f. Extreme
g. Warning
f. Extreme
g. Warning
Vulnerability Scoring Systems:
What are the CVSS v2.0 Severity Level:
a. Critical
b. High
c. Low
d. None
e. Medium
b. High
c. Low
e. Medium
Vulnerability Scoring Systems:
CVSS v2.0, what is the Base Score for the Medium severity level?
a. 0.0-3.9
b. 7.0-10
c. 4.0-6.9
c. 4.0-6.9
Vulnerability Scoring Systems:
CVSS v3.0, What is the Base Score for the High severity level.
a. 9.0-10
b. 0.0
c. 4.0-6.9
d. 7.0-8.9
e. 0.1-3.9
d. 7.0-8.9
