Security Vulnerabilities and Risk Management

Question 1

What is an asset?

Answer 1

An item perceived as having value to an organization. Assets can be digital (like SSNs, bank account numbers) or physical (like payment kiosks, servers, office spaces).

Question 2

What is a threat?

Answer 2

Any circumstance or event that can negatively impact assets.

Question 3

What is a risk?

Answer 3

Anything that can impact the confidentiality, integrity, or availability of an asset. Risk equals the likelihood of a threat.

Question 4

What is a vulnerability?

Answer 4

A weakness that can be exploited by a threat.

Question 5

What is an insider threat?

Answer 5

Staff members or vendors who abuse their authorized access to obtain data that may harm an organization.

Question 6

What are advanced persistent threats (APTs)?

Answer 6

When a threat actor maintains unauthorized access to a system for an extended period of time.

Question 7

What is an external risk?

Answer 7

Anything outside the organization that has the potential to harm organizational assets.

Question 8

What is an internal risk?

Answer 8

A current or former employee, vendor, or trusted partner who poses a security risk.

Question 9

What is multiparty risk?

Answer 9

Risk from outsourcing work to third-party vendors who may have access to intellectual property.

Question 10

What are legacy system risks?

Answer 10

Risks from old systems that might not be accounted for or updated but can still impact assets.

Question 11

What are the four common strategies for managing risks?

Answer 11

1. Acceptance: Accepting a risk to avoid disrupting business continuity
2. Avoidance: Creating a plan to avoid the risk altogether
3. Transference: Transferring risk to a third party to manage
4. Mitigation: Lessening the impact of a known risk

Question 12

What is ProxyLogon?

Answer 12

A pre-authenticated vulnerability that affects the Microsoft Exchange server, allowing threat actors to complete user authentication to deploy malicious code remotely.

Question 13

What is ZeroLogon?

Answer 13

A vulnerability in Microsoft’s Netlogon authentication protocol that affects user identity verification before allowing access to a website’s location.

Question 14

What is Log4Shell?

Answer 14

A vulnerability that allows attackers to run Java code on someone else’s computer or leak sensitive information by enabling remote control of internet-connected devices.

Question 15

What is PetitPotam?

Answer 15

A vulnerability affecting Windows NTLM that allows a LAN-based attacker to initiate an authentication request.

Question 16

What are security logging and monitoring failures?

Answer 16

Insufficient logging and monitoring capabilities that allow attackers to exploit vulnerabilities without the organization’s knowledge.

Question 17

What is server-side request forgery?

Answer 17

A vulnerability that allows attackers to manipulate a server-side application into accessing and updating backend resources or stealing data.