Vulnerability Analysis and Nessus

Question 1

What are the 4 basic steps in the vulnerability management workflow?

Answer 1

• Detection
• Reporting
• Remediation
• Reassessment

prioritize the found vuls. based on their severities

Question 2

What type of vulnerability scan accesses configuration information from the systems it is run against as well as information that can be accessed via services available via the network?

Answer 2

Authenticated scans use a read-only account to access configuration files, allowing more accurate testing of vulnerabilities

Question 3

What to do if vulnerability scanner continues to incorrectly flag the system as vulnerable after it was patched?

Answer 3

• information security team needs to flag the issue as resolved
• many vulnerability scanners rely on version or banner information and may flag patched versions if the software provider does not update the information they see

Question 4

When vulnerability scanner identifies a potential problem, what is necessary to do next?

Answer 4

validation, to verify that the issue exists

Question 5

When should be assets scanned?

Answer 5

routinely and after major changes

Question 6

What cybersecurity roles contain work that includes aspects of Vulnerability Management?

Answer 6

• Threat Intelligence Analyst
  
  • receiving and reporting on intelligence about newly released vulnerabilities, or vulnerabilities that are actively being exploited in the wild
  • have access to commercial tools that allow them to observe exploitation activity on a global scale
• Vulnerability Analyst
  
  • vulnerability scanning, analyzing results, performing manual checks, reporting on security flaws, and keeping up-to-date with the latest publicly available news regarding vulnerabilities
• Incident Responder
  
  • knowledge about vulnerabilities, and how to deal with compromises as a result of successful exploitation is key in knowing how to respond
• Penetration Tester / Red Teamer
  
  • knowing how to identify and scan for vulnerabilities and security flaws is key to this role so they can be exploited

Question 7

Name examples of 3 most common vulnerability scanners

Answer 7

• Nessus
• OpenVAS
• Nikto

Question 8

What is a Nessus policy?

Answer 8

• sets of configuration settings that define how a vulnerability scan is conducted
• determine the scope, depth, and behavior of a vulnerability scan

Question 9

What are Nessus policy templates?

Answer 9

predefined configurations provided by Nessus to simplify the process of setting up vulnerability scans

Question 10

What do you find in the My Scans section in Nessus?

Answer 10

• any scans that have been conducted by the currently signed-in user
• includes completed, scheduled, pending, and failed scans

Question 11

What do you find in the All Scans section in Nessus?

Answer 11

• any scans that have been conducted by any users within an organisation
• includes completed, scheduled, pending, and failed scans

Question 12

What are Nessus plugins?

Answer 12

• small programs or scripts that perform specific tasks during a vulnerability scan
• each plugin is designed to check a particular aspect of a target system, such as a software application, service, or configuration, for vulnerabilities, misconfigurations, or security issues

Question 13

What are Nessus scanners?

Answer 13

• different hosts that are able to perform enumeration
• useful if there are multiple V-LANs or physical networks that need to be scanned, and the hosts can’t communicate directly

Question 14

Which company created Nessus?

Answer 14

Tenable