Section 22 - Vulnerability Management Flashcards
What is a vulnerability assessment?
Seeks to identify any issues in a network, application, database, or other system, prior to it being used, that might compromise the system
Vulnerability assessments are a formalized process that ____, _____, and _____ the security holes in an enterprise network architecture.
define, identify and classify
What is vulnerability management?
Practice of finding and mitigating the vulnerabilities in computers and networks
** This is the oversight process of vulnerability assessments
Vulnerability management is a cyclical process. Sometimes you’ll hear it referred to as…?
Scan, Patch, Scan
*** This is because you’ll scan the network for vulnerabilities to identify them (SCAN) then you’ll prioritize, fix and patch them (PATCH) and you’ll scan again. You repeat this until there are no vulnerabilities left.
How is a vulnerability assessment conducted?
Most commonly, a vulnerability management program will be used inside of an organization, and they’ll choose what software you’re going to use.
What are the five basic concepts you need to know to summarize the vulnerability management process?
- Define the desired state of security
- Create a baseline
- Prioritize the vulnerabilities
- Mitigate vulnerabilities
- Monitor the network and systems and conduct future scans
What is a penetration test?
A test conducted by a team of professionals to simulate an attack on your network, its systems or its applications
What is the difference between black box, gray box and white box testing?
Black box = zero knowledge (the pentesters have to hunt for any information that they need in order to be able to penetrate the network’s defenses)
Gray box = Some knowledge
White box = Full knowledge
What is the difference between a penetration test and a vulnerability assessment?
A vulnerability assessment is conducted as a credentialed scan, where the tool can be provided with a username and password for the systems.
Penetration tests are going to be conducted in the form of a test (black, white or gray) where pentesters will simulate being an attacker who will attempt to get into your network. After the test is complete, they will provide a report telling you what vulnerabilities were found.
Penetration tests follow five basic steps. What are they?
- Get permission and document info
- Conduct reconnaissance
- Enumerate the targets
- Exploit the targets
- Document the results
What is a tabletop exercise (TTX)?
Exercise that uses an incident scenario against a framework of controls or a red team
*** This is a discussion of simulated emergency situations and security incidents
What is a red team vs a blue team?
Red team = attacking your system in a penetration test
Blue team = defending your system in a penetration test
*** Teams can be external or internal, meaning they can either be employees (internal) conducting the test or a third party (external).
What is a red team?
The hostile or attacking team in a penetration test or incident response exercise
What is a blue team?
The defensive team in a penetration test or incident response exercise
What is a white team?
Staff administering, evaluating, and supervising a penetration test or incident response exercise
What is OVAL?
Open Vulnerability and Assessment Language
A standard designed to regulate the transfer of secure public information across networks and the internet utilizing any security tools and services available
*** This is an attempt to create a standard way for vulnerability management software, scanners, and other tools to share their data with each other and with other programs.
OVAL is comprised of two different parts. What are they?
Language
Interpreter
What is OVAL language?
An XML schema used to define and describe the information being created by OVAL to be shared among the various programs and tools
What is an OVAL interpreter?
A reference developed to ensure the information passed around by these programs complies with the OVAL schemas and definitions used by the OVAL language
What are the tools used to conduct vulnerability assessments?
Network mapping
Vulnerability scanning
Network sniffing
Password Analysis
What is network mapping?
Discovery and documentation of physical and logical connectivity that exists in the network
What does vulnerability scanning do?
A technique that identifies threats on the network without exploiting them
What is banner grabbing?
A technique used to gain information about servers and inventory the systems or services
What is Network Sniffing?
The process of finding and investigating other computers on the network by analyzing the network traffic or capturing the packets being sent