Vulnerability Assessment Flashcards
What does the ‘Remediation’ stage of Vulnerability Assessment entail?
Remediation is the process of applying fixes on vulnerable systems in order to reduce the impact and severity of vulnerabilities
What does the ‘Verification’ stage of Vulnerability Assessment entail?
This phase provides clear visibility into the firm and allows the security team to check whether all the previous phases have been perfectly employed or not
What does the ‘Risk Assessment’ stage of Vulnerability Assessment entail?
All serious uncertainties that are associated with the system are assessed and prioritized, and remediation is planned to permanently eliminate system flaws
What does the ‘Monitoring’ stage of Vulnerability Assessment entail?
Organizations need to performed regular monitoring to maintain system security. Continuous monitoring identifies potential threats and any new vulnerabilities that have evolved
What is CVSS?
CVSS (the Common Vulnerability Scoring System) is a published standard that provides an open framework for communicating the characteristics and impacts of IT vulnerabilities.
What is the correct order of steps in vulnerability assessment?
- Risk Assessment
- Remediation
- Verification
- Monitoring
What is the correct order of steps in the vulnerability management lifecycle?
- Identify Assets & Create Baseline
- Vulnerability Scan
- Risk Assessment
- Remediation
- Verification
- Monitor
- Repeat
What are the 3 metrics which establish a CVSS score?
Base Metrics, Environmental Metrics, and Temporal Metrics.
What is an Internal Assessment?
An internal assessment involves scrutinizing the internal network to find exploits and vulnerabilities
What is a Distributed Assessment?
This type of assessment, employed by organizations that possess assets like servers and clients at different locations, involves simultaneously assessing the distributed organization assets, such as client and server applications, using appropriate synchronization techniques
What is a Network-based Assessment?
These assessments discover network resources and map the ports and services running to various areas on the network
What is a Credentialed Assessment?
In this type of assessment, the ethical hacker possesses the credentials of all machines present in the assessed network
What is a host-based assessment?
A host-based assessment involves looks at the vulnerabilities of the devices on a particular network
What is an active assessment?
An active assessment involves using a network scanner to look for hosts
What is a passive assessment?
A passive assessment involves sniffing packets in a network
What is a wireless network assessment?
A wireless network assessment looks for vulnerabilities in the wireless network
What is a Product-Based Vulnerability Assessment Solution?
A Product-Based Vulnerability Assessment is a solution that is installed either on a private or non-routable space or on the Internet-addressable portion of an organization’s network.
What is a Tree-Based Vulnerability Assessment Solution?
In a tree-based assessment, the auditor (parent) selects different strategies for each machine or component (child nodes) of the information system. This approach relies on the administrator to provide a starting piece of intelligence and then to start scanning continuously without incorporating any information found at the time of scanning
What is a Service-Based Vulnerability Assessment Solution?
Service-based solutions are offered by third parties, such as auditing or security consulting firms. Some solutions are hosted inside the network, while others are hosted outside the network
What is an Inference-Based Vulnerability Assessment Solution?
In an inference-based assessment, scanning starts by building an inventory of the protocols found on the machine
What are Depth Assessment Tools?
Depth assessment tools are used to discover and identify previously unknown vulnerabilities in a system. Generally, tools such as fuzzers, which provide arbitrary input to a system’s interface, are used to identify vulnerabilities to an unstable depth
What are Host-Based Vulnerability Assessment Tools?
The host-based scanning tools are appropriate for servers that run various applications, such as the Web, critical files, databases, directories, and remote accesses. These host-based scanners can detect high levels of vulnerabilities and provide required information about the fixes (patches).
What are Scope Assessment Tools?
Scope assessment tools provide an assessment of the security by testing vulnerabilities in the applications and operating system. These tools provide standard controls and a reporting interface that allows the user to select a suitable scan.
What are Application-Layer Vulnerability Assessment Tools?
Application-layer vulnerability assessment tools are designed to serve the needs of all kinds of operating system types and applications. Various resources pose a variety of security threats and are identified by the tools designed for that purpose
What are Network-Based Scanners?
Network-based scanners are those that interact only with the real machine where they reside and give the report to the same machine after scanning
What are Agent-Based Scanners?
Agent-based scanners reside on a single machine but can scan several machines on the same network
What are Proxy Scanners?
Proxy scanners are the network-based scanners that can scan networks from any machine on the network
What are Cluster Scanners?
Cluster scanners are similar to proxy scanners, but they can simultaneously perform two or more scans on different machines in the network
