Section 25.239 Vulnerability Scans Flashcards
Objective 4.9 Given a scenario, you must be able to use data sources to support an investigation
Vulnerability Scans
Vulnerability Scan Report
Generated automatically after completing a vulnerability scan
■ Analysis of the report is essential to confirm the validity of identified vulnerabilities
False Positives
Vulnerability scanners may produce false positives, meaning they report vulnerabilities that don’t actually exist on your system
■ It is crucial to differentiate real vulnerabilities from false positives
Analysis of Vulnerabilities
For each identified vulnerability, assess whether it was detected by the scanner and whether it exists on your system
■ Determine the severity and criticality of each vulnerability
■ Create a plan of action and milestones for remediation
Components of a Vulnerability Scan Report
■ Report ID
■ Scan Date and Time
■ System or Software Version
■ Scan Initiator: The person who ran the scan
■ Executive Summary: Highlights themes and trends for large networks
■ Vulnerabilities: Listed by severity (critical, high, medium, low, informational) or by vulnerable hosts
■ Additional Findings
■ Recommendations
■ Conclusion
CVE ID (Common Vulnerabilities and Exposures)
○ CVE website (cve.org) contains detailed information about vulnerabilities
● Description
● Affected system
● Impact
● Common Vulnerability Scoring System (CVSS) Score
○ Measures severity
● Remediation Recommendations