Section 5-6 Flashcards
A company is expanding its threat surface program and allowing individuals to security test the company’s internet-facing application. The company will compensate researchers based on the vulnerabilities discovered. Which of the following best describes the program the company is setting up?
a.
Open-source intelligence
b.
Bug bounty
c.
Red team
d.
Penetration testing
b.
Bug bounty
Which of the following is performed to gain a better understanding of how specific devices are set up by identifying the arrangement of settings?
a.
Log analysis.
b.
Credentialed scan.
c.
Configuration review
d.
Web application scan.
e.
Network scan.
c.
Configuration reviewCorrect Answer
Configuration review involves examining the settings and configurations of devices to understand how they are set up and identify any potential misconfigurations or security weaknesses.
A security analyst has been tasked with ensuring all programs that are deployed into the enterprise have been assessed in a runtime environment. Any critical issues found in the program must be sent back to the developer for verification and remediation. Which of the following best describes the type of assessment taking place?
a.
Input validation.
b.
Dynamic code analysis.
c.
Fuzzing.
d.
Manual code review.
b.
Dynamic code analysis.Correct Answer
Dynamic code analysis involves testing and evaluating a program in a runtime environment to identify security vulnerabilities and other issues. This approach ensures that the program behaves as expected when executed and any critical issues can be identified and addressed.
A software company is analyzing a process that detects software vulnerabilities at the earliest stage possible. The goal is to scan the source looking for unsecure practices and weaknesses before the application is deployed in a runtime environment. Which of the following would BEST assist the company with this objective?
a.
Use static code analysis.
b.
Use fuzzing testing.
c.
Use a web vulnerability scanner.
d.
Use a penetration-testing OS.
a.
Use static code analysis.Correct
Static code analysis involves examining the source code before it is executed to identify potential vulnerabilities and weaknesses. This helps catch issues early in the development process.
Which of the following would help ensure a security analyst is able to accurately measure the overall risk to an organization when a new vulnerability is disclosed?
a.
A full inventory of all hardware and software.
b.
Documentation of system classifications.
c.
A list of system owners and their departments.
d.
Third-party risk assessment documentation.
a.
A full inventory of all hardware and software.Correct
Having a full inventory of all hardware and software allows a security analyst to identify which systems are affected by a new vulnerability and assess the overall risk accurately.
One of a company’s vendors sent an analyst a security bulletin that recommends a BIOS update. Which of the following vulnerability types is being addressed by the patch?
a.
Virtualization.
b.
Firmware.
c.
Application.
d.
Operating system.
b.
Firmware.Correct Answer
BIOS updates address vulnerabilities in the firmware of a system.
An administrator has identified and fingerprinted specific files that will generate an alert if an attempt is made to email these files outside of the organization. Which of the following best describes the tool the administrator is using?
a.
DLP.
b.
SNMP traps.
c.
SCAP.
d.
IPS.
a.
DLP.Correct
DLP (Data Loss Prevention) tools identify and protect sensitive data from being exfiltrated by monitoring and controlling data transfers.
Which of the following describes effective change management procedures?
a.
Approving the change after a successful deployment.
b.
Having a backout plan when a patch fails.
c.
Using a spreadsheet for tracking changes.
d.
Using an automatic change control bypass for security updates.
b.
Having a backout plan when a patch fails.Correct Answer
Having a backout plan ensures there is a plan to revert changes if something goes wrong, which is crucial for effective change management.
A security practitioner completes a vulnerability assessment on a company’s network and finds several vulnerabilities, which the operations team remediates. Which of the following should be done next?
a.
Conduct an audit.
b.
Initiate a penetration test.
c.
Rescan the network.
d.
Submit a report.
c.
Rescan the network.Correct Answer
After the operations team has remediated the identified vulnerabilities, it is important to rescan the network to ensure that the vulnerabilities have been successfully addressed and that no new vulnerabilities have been introduced during the remediation process. This step verifies the effectiveness of the remediation efforts.
Which of the following is a hardware-specific vulnerability?
a.
Firmware version.
b.
Buffer overflow.
c.
SQL injection.
d.
Cross-site scripting.
a.
Firmware version.Correct
Firmware version vulnerabilities are specific to the hardware on which the firmware runs. These vulnerabilities arise from flaws or outdated versions in the firmware, which is the low-level software embedded in hardware devices. The other options (buffer overflow, SQL injection, and cross-site scripting) are software vulnerabilities that can occur in various types of software applications.
In CVSS 3.1, which metric evaluates the conditions beyond the attacker’s control that must exist in order to exploit the vulnerability?
a.
Privileges Required (PR).
b.
Attack Complexity (AC).
c.
User Interaction (UI).
d.
Scope (S).
b.
Attack Complexity (AC).Correct Answer
The Attack Complexity (AC) metric measures the conditions beyond the attacker’s control that must exist in order to exploit the vulnerability.
In CVSS 3.1, which metric evaluates whether the attacker needs another user to participate in the successful exploitation of a vulnerability?
a.
Attack Vector (AV).
b.
Privileges Required (PR).
c.
Scope (S).
d.
User Interaction (UI).
d.
User Interaction (UI).Correct Answer
The User Interaction (UI) metric evaluates whether the successful exploitation of a vulnerability depends on another user’s actions.
Which CVSS 3.1 metric measures the impact on the confidentiality of information due to a successfully exploited vulnerability?
a.
Availability Impact (A).
b.
Integrity Impact (I).
c.
Confidentiality Impact (C).
d.
User Interaction (UI).
c.
Confidentiality Impact (C).Correct Answer
The Confidentiality Impact (C) metric measures the impact on the confidentiality of information processed by the system if the vulnerability is exploited.
Which CVSS 3.1 metric indicates the type of access that is required for a successful attack?
a.
Attack Vector (AV).
b.
Scope (S).
c.
Confidentiality Impact (C).
d.
Privileges Required (PR)
d.
Privileges Required (PR).Correct Answer
The Privileges Required (PR) metric indicates the level of access that an attacker needs to exploit a vulnerability.
A security analyst is looking for a solution to help communicate to the leadership team the severity levels of the organization’s vulnerabilities. Which of the following would best meet this need?
a.
CVE.
b.
SIEM.
c.
SOAR.
d.
CVSS.
d.
CVSS.Correct Answer
The Common Vulnerability Scoring System (CVSS) provides a standardized method to assess and communicate the severity of vulnerabilities. This system is well-suited for conveying the severity levels to the leadership team.
