Section 5-6 Flashcards

1
Q

A company is expanding its threat surface program and allowing individuals to security test the company’s internet-facing application. The company will compensate researchers based on the vulnerabilities discovered. Which of the following best describes the program the company is setting up?

a.
Open-source intelligence
b.
Bug bounty
c.
Red team
d.
Penetration testing

A

b.
Bug bounty

2
Q

Which of the following is performed to gain a better understanding of how specific devices are set up by identifying the arrangement of settings?

a.
Log analysis.
b.
Credentialed scan.
c.
Configuration review
d.
Web application scan.
e.
Network scan.

A

c.
Configuration review
Configuration review involves examining the settings and configurations of devices to understand how they are set up and identify any potential misconfigurations or security weaknesses.

3
Q

A security analyst has been tasked with ensuring all programs that are deployed into the enterprise have been assessed in a runtime environment. Any critical issues found in the program must be sent back to the developer for verification and remediation. Which of the following best describes the type of assessment taking place?

a.
Input validation.
b.
Dynamic code analysis.
c.
Fuzzing.
d.
Manual code review.

A

b.
Dynamic code analysis.
Dynamic code analysis involves testing and evaluating a program in a runtime environment to identify security vulnerabilities and other issues. This approach ensures that the program behaves as expected when executed and any critical issues can be identified and addressed.

4
Q

A software company is analyzing a process that detects software vulnerabilities at the earliest stage possible. The goal is to scan the source looking for insecure practices and weaknesses before the application is deployed in a runtime environment. Which of the following would BEST assist the company with this objective?

a.
Use static code analysis.
b.
Use fuzzing testing.
c.
Use a web vulnerability scanner.
d.
Use a penetration-testing OS.

A

a.
Use static code analysis.
Static code analysis involves examining the source code before it is executed to identify potential vulnerabilities and weaknesses. This helps catch issues early in the development process.

5
Q

Which of the following would help ensure a security analyst is able to accurately measure the overall risk to an organization when a new vulnerability is disclosed?

a.
A full inventory of all hardware and software.
b.
Documentation of system classifications.
c.
A list of system owners and their departments.
d.
Third-party risk assessment documentation.

A

a.
A full inventory of all hardware and software.
Having a full inventory of all hardware and software allows a security analyst to identify which systems are affected by a new vulnerability and assess the overall risk accurately.

6
Q

One of a company’s vendors sent an analyst a security bulletin that recommends a BIOS update. Which of the following vulnerability types is being addressed by the patch?

a.
Virtualization.
b.
Firmware.
c.
Application.
d.
Operating system.

A

b.
Firmware.
BIOS updates address vulnerabilities in the firmware of a system.

7
Q

An administrator has identified and fingerprinted specific files that will generate an alert if an attempt is made to email these files outside of the organization. Which of the following best describes the tool the administrator is using?

a.
DLP.
b.
SNMP traps.
c.
SCAP.
d.
IPS.

A

a.
DLP.
DLP (Data Loss Prevention) tools identify and protect sensitive data from being exfiltrated by monitoring and controlling data transfers.

8
Q

Which of the following describes effective change management procedures?

a.
Approving the change after a successful deployment.
b.
Having a backout plan when a patch fails.
c.
Using a spreadsheet for tracking changes.
d.
Using an automatic change control bypass for security updates.

A

b.
Having a backout plan when a patch fails.
Having a backout plan ensures there is a plan to revert changes if something goes wrong, which is crucial for effective change management.

9
Q

A security practitioner completes a vulnerability assessment on a company’s network and finds several vulnerabilities, which the operations team remediates. Which of the following should be done next?

a.
Conduct an audit.
b.
Initiate a penetration test.
c.
Rescan the network.
d.
Submit a report.

A

c.
Rescan the network.
After the operations team has remediated the identified vulnerabilities, it is important to rescan the network to ensure that the vulnerabilities have been successfully addressed and that no new vulnerabilities have been introduced during the remediation process. This step verifies the effectiveness of the remediation efforts.

10
Q

Which of the following is a hardware-specific vulnerability?

a.
Firmware version.
b.
Buffer overflow.
c.
SQL injection.
d.
Cross-site scripting.

A

a.
Firmware version.
Firmware version vulnerabilities are specific to the hardware on which the firmware runs. These vulnerabilities arise from flaws or outdated versions in the firmware, which is the low-level software embedded in hardware devices. The other options (buffer overflow, SQL injection, and cross-site scripting) are software vulnerabilities that can occur in various types of software applications.

11
Q

In CVSS 3.1, which metric evaluates the conditions beyond the attacker’s control that must exist in order to exploit the vulnerability?

a.
Privileges Required (PR).
b.
Attack Complexity (AC).
c.
User Interaction (UI).
d.
Scope (S).

A

b.
Attack Complexity (AC).
The Attack Complexity (AC) metric measures the conditions beyond the attacker’s control that must exist in order to exploit the vulnerability.

12
Q

In CVSS 3.1, which metric evaluates whether the attacker needs another user to participate in the successful exploitation of a vulnerability?

a.
Attack Vector (AV).
b.
Privileges Required (PR).
c.
Scope (S).
d.
User Interaction (UI).

A

d.
User Interaction (UI).
The User Interaction (UI) metric evaluates whether the successful exploitation of a vulnerability depends on another user’s actions.

13
Q

Which CVSS 3.1 metric measures the impact on the confidentiality of information due to a successfully exploited vulnerability?

a.
Availability Impact (A).
b.
Integrity Impact (I).
c.
Confidentiality Impact (C).
d.
User Interaction (UI).

A

c.
Confidentiality Impact (C).
The Confidentiality Impact (C) metric measures the impact on the confidentiality of information processed by the system if the vulnerability is exploited.

14
Q

Which CVSS 3.1 metric indicates the type of access that is required for a successful attack?

a.
Attack Vector (AV).
b.
Scope (S).
c.
Confidentiality Impact (C).
d.
Privileges Required (PR).

A

d.
Privileges Required (PR).
The Privileges Required (PR) metric indicates the level of access that an attacker needs to exploit a vulnerability.

15
Q

A security analyst is looking for a solution to help communicate to the leadership team the severity levels of the organization’s vulnerabilities. Which of the following would best meet this need?

a.
CVE.
b.
SIEM.
c.
SOAR.
d.
CVSS.

A

d.
CVSS.
The Common Vulnerability Scoring System (CVSS) provides a standardized method to assess and communicate the severity of vulnerabilities. This system is well-suited for conveying the severity levels to the leadership team.

16
Q

Which of the following is used to describe discrete characteristics of a potential weakness that results in a severity number?

a.
CVSS.
b.
CVE.
c.
CAR.
d.
CERT.

A

a.
CVSS.
The Common Vulnerability Scoring System (CVSS) describes the discrete characteristics of a vulnerability and assigns a severity score based on those characteristics.

17
Q

A security administrator is hardening corporate systems and applying appropriate mitigations by consulting a real-world knowledge base for adversary behavior. Which of the following would be best for the administrator to reference?

a.
MITRE ATT&CK.
b.
CSIRT.
c.
CVSS.
d.
SOAR.

A

a.
MITRE ATT&CK.
MITRE ATT&CK is a comprehensive knowledge base of adversary tactics and techniques based on real-world observations, making it an excellent resource for understanding and mitigating adversary behavior.

18
Q

Which of the following can a security director use to prioritize vulnerability patching within a company’s IT environment?

a.
SOAR.
b.
CVSS.
c.
SIEM.
d.
CVE.

A

b.
CVSS.
The Common Vulnerability Scoring System (CVSS) provides a standardized way to assess the severity of vulnerabilities, helping security directors prioritize patching based on the potential impact and exploitability of each vulnerability.

19
Q

Which of the following most impacts an administrator’s ability to address CVEs discovered on a server?

a.
Rescanning requirements.
b.
Patch availability.
c.
Organizational impact.
d.
Risk tolerance.

A

b.
Patch availability.
The ability to address CVEs (Common Vulnerabilities and Exposures) is directly impacted by the availability of patches that fix the vulnerabilities.

20
Q

Which of the following is used to quantitatively measure the criticality of a vulnerability?

a.
CVE.
b.
CVSS.
c.
CIA.
d.
CERT.

A

b.
CVSS.
The Common Vulnerability Scoring System (CVSS) quantifies the severity of vulnerabilities.